Unrated severityNVD Advisory· Published Mar 1, 2005· Updated Apr 16, 2026

CVE-2004-1034

Description

Buffer overflow in the http_open function in Kaffeine before 0.5, whose code is also used in gxine before 0.3.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long Content-Type header for a Real Audio Media (.ram) playlist file.

Affected products

Kaffeine/Kaffeine Player4 versions
cpe:2.3:a:kaffeine:kaffeine_player:0.4.2:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:kaffeine:kaffeine_player:0.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:kaffeine:kaffeine_player:0.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:kaffeine:kaffeine_player:0.4.3b:*:*:*:*:*:*:*
- cpe:2.3:a:kaffeine:kaffeine_player:0.5_rc1:*:*:*:*:*:*:*
Xine/Gxine
cpe:2.3:a:xine:gxine:0.3:*:*:*:*:*:*:*
Gentoo/Linux
cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.005
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000