Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2004-1188

The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such as MPlayer that use the same code, does not properly verify that the chunk size is less than the PREAMBLE_SIZE, which causes a read operation with a negative length that leads to a buffer overflow via (1) RMF_TAG, (2) DATA_TAG, (3) PROP_TAG, (4) MDPR_TAG, and (5) CONT_TAG values, a different vulnerability than CVE-2004-1187.

Published

2005-01-10T05:00:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 10.0 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: COMPLETE
  • Integrity Impact: COMPLETE
  • Availability Impact: COMPLETE
Exploitability Score

10.0

Impact Score

10.0

Weaknesses
  • Type: Primary
    NVD-CWE-Other
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application mplayer mplayer 0.90 Yes
Application mplayer mplayer 0.90_pre Yes
Application mplayer mplayer 0.90_rc Yes
Application mplayer mplayer 0.90_rc4 Yes
Application mplayer mplayer 0.91 Yes
Application mplayer mplayer 0.92 Yes
Application mplayer mplayer 0.92.1 Yes
Application mplayer mplayer 0.92_cvs Yes
Application mplayer mplayer 1.0_pre1 Yes
Application mplayer mplayer 1.0_pre2 Yes
Application mplayer mplayer 1.0_pre3 Yes
Application mplayer mplayer 1.0_pre3try2 Yes
Application mplayer mplayer 1.0_pre4 Yes
Application mplayer mplayer 1.0_pre5 Yes
Application mplayer mplayer 1.0_pre5try1 Yes
Application mplayer mplayer 1.0_pre5try2 Yes
Application mplayer mplayer head_cvs Yes
Application xine xine 0.9.8 Yes
Application xine xine 0.9.13 Yes
Application xine xine 0.9.18 Yes
Application xine xine 1_alpha Yes
Application xine xine 1_beta1 Yes
Application xine xine 1_beta2 Yes
Application xine xine 1_beta3 Yes
Application xine xine 1_beta4 Yes
Application xine xine 1_beta5 Yes
Application xine xine 1_beta6 Yes
Application xine xine 1_beta7 Yes
Application xine xine 1_beta8 Yes
Application xine xine 1_beta9 Yes
Application xine xine 1_beta10 Yes
Application xine xine 1_beta11 Yes
Application xine xine 1_beta12 Yes
Application xine xine 1_rc0 Yes
Application xine xine 1_rc0a Yes
Application xine xine 1_rc1 Yes
Application xine xine 1_rc2 Yes
Application xine xine 1_rc3 Yes
Application xine xine 1_rc3a Yes
Application xine xine 1_rc3b Yes
Application xine xine 1_rc4 Yes
Application xine xine 1_rc5 Yes
Application xine xine 1_rc6 Yes
Application xine xine 1_rc6a Yes
Application xine xine 1_rc7 Yes
Application xine xine 1_rc8 Yes
Application xine xine-lib 0.9.8 Yes
Application xine xine-lib 0.9.13 Yes
Application xine xine-lib 0.99 Yes
Application xine xine-lib 1_alpha Yes
Application xine xine-lib 1_beta1 Yes
Application xine xine-lib 1_beta2 Yes
Application xine xine-lib 1_beta3 Yes
Application xine xine-lib 1_beta4 Yes
Application xine xine-lib 1_beta5 Yes
Application xine xine-lib 1_beta6 Yes
Application xine xine-lib 1_beta7 Yes
Application xine xine-lib 1_beta8 Yes
Application xine xine-lib 1_beta9 Yes
Application xine xine-lib 1_beta10 Yes
Application xine xine-lib 1_beta11 Yes
Application xine xine-lib 1_beta12 Yes
Application xine xine-lib 1_rc0 Yes
Application xine xine-lib 1_rc1 Yes
Application xine xine-lib 1_rc2 Yes
Application xine xine-lib 1_rc3 Yes
Application xine xine-lib 1_rc3a Yes
Application xine xine-lib 1_rc3b Yes
Application xine xine-lib 1_rc3c Yes
Application xine xine-lib 1_rc4 Yes
Application xine xine-lib 1_rc5 Yes
Application xine xine-lib 1_rc6 Yes
Application xine xine-lib 1_rc6a Yes
Application xine xine-lib 1_rc7 Yes
Operating System mandrakesoft mandrake_linux 10.0 Yes
Operating System mandrakesoft mandrake_linux 10.0 Yes
Operating System mandrakesoft mandrake_linux 10.1 Yes
Operating System mandrakesoft mandrake_linux 10.1 Yes
References