Vulnerability Name:

CVE-2006-1905 (CCN-25851)

Assigned:2006-04-18
Published:2006-04-18
Updated:2018-10-18
Summary:Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.3 allow remote attackers to execute arbitrary code via format string specifiers in a long filename on an EXTINFO line in a playlist file.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availability (A): Low
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: Full-Disclosure Mailing List, Tue Apr 18 2006 - 02:41:01 CDT
Remote Xine Format String Vulnerability

Source: MITRE
Type: CNA
CVE-2006-1905

Source: MISC
Type: UNKNOWN
http://open-security.org/advisories/16

Source: CCN
Type: SA19671
Xine Playlist File Path Format String Vulnerability

Source: SECUNIA
Type: UNKNOWN
19671

Source: SECUNIA
Type: UNKNOWN
19854

Source: SECUNIA
Type: UNKNOWN
20066

Source: CCN
Type: SECTRACK ID: 1015959
xine Playlist File Path Format String Bug Lets Remote Users Execute Arbitrary Code

Source: SECTRACK
Type: UNKNOWN
1015959

Source: CONFIRM
Type: UNKNOWN
http://sourceforge.net/mailarchive/message.php?msg_id=15429845

Source: CCN
Type: GLSA-200604-15
xine-ui: Format string vulnerabilities

Source: GENTOO
Type: UNKNOWN
GLSA-200604-15

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2006:085

Source: SUSE
Type: UNKNOWN
SUSE-SA:2006:025

Source: OSVDB
Type: UNKNOWN
24747

Source: CCN
Type: OSVDB ID: 24747
Xine Playlist xitk/main.c print_formatted() Function Format String

Source: CCN
Type: OSVDB ID: 25606
xine xiTK Multiple Format String

Source: BUGTRAQ
Type: UNKNOWN
20060418 Remote Xine Format String Vulnerability

Source: BID
Type: Exploit
17579

Source: CCN
Type: BID-17579
Xine Playlist Handling Remote Format String Vulnerability

Source: VUPEN
Type: UNKNOWN
ADV-2006-1432

Source: CCN
Type: xine Web site
xine - A Free Video Player

Source: XF
Type: UNKNOWN
xine-playlist-format-string(25851)

Source: SUSE
Type: SUSE-SA:2006:025
cyrus-sasl-digestmd5 denial of service attack

Vulnerable Configuration:Configuration 1:
  • cpe:/a:xine:xine:0.9.8:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine:0.9.13:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine:0.9.18:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine:1_alpha:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine:1_beta1:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine:1_beta2:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine:1_beta3:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine:1_beta4:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine:1_beta5:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine:1_beta6:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine:1_beta7:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine:1_beta8:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine:1_beta9:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine:1_beta10:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine:1_beta11:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine:1_beta12:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine:1_rc0:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine:1_rc0a:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine:1_rc1:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine:1_rc2:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine:1_rc3:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine:1_rc3a:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine:1_rc3b:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine:1_rc4:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine:1_rc5:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine:1_rc6:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine:1_rc6a:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine:1_rc7:*:*:*:*:*:*:*
  • OR cpe:/a:xine:xine:1_rc8:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions:
    Definition ID: oval:org.opensuse.security:def:20061905
    Class: V
    Title: CVE-2006-1905
    Last Modified: 2015-11-16
    xine xine 0.9.8
    xine xine 0.9.13
    xine xine 0.9.18
    xine xine 1.0
    xine xine 1.0.1
    xine xine 1_alpha
    xine xine 1_beta1
    xine xine 1_beta2
    xine xine 1_beta3
    xine xine 1_beta4
    xine xine 1_beta5
    xine xine 1_beta6
    xine xine 1_beta7
    xine xine 1_beta8
    xine xine 1_beta9
    xine xine 1_beta10
    xine xine 1_beta11
    xine xine 1_beta12
    xine xine 1_rc0
    xine xine 1_rc0a
    xine xine 1_rc1
    xine xine 1_rc2
    xine xine 1_rc3
    xine xine 1_rc3a
    xine xine 1_rc3b
    xine xine 1_rc4
    xine xine 1_rc5
    xine xine 1_rc6
    xine xine 1_rc6a
    xine xine 1_rc7
    xine xine 1_rc8