Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Jun 16, 2026
CVE-2004-1476
CVE-2004-1476
Description
Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute arbitrary code via a VideoCD with an unterminated disk label.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
17cpe:2.3:a:xine:xine:0.9.18:*:*:*:*:*:*:*+ 9 more
- cpe:2.3:a:xine:xine:0.9.18:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine:1_rc2:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine:1_rc3:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine:1_rc4:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine:1_rc5:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine-lib:0.99:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine-lib:1_rc2:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine-lib:1_rc3:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine-lib:1_rc4:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine-lib:1_rc5:*:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:8.2:*:personal:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*
Patches
Vulnerability mechanics
References
5- www.gentoo.org/security/en/glsa/glsa-200409-30.xmlnvdPatchVendor Advisory
- www.securityfocus.com/archive/1/375485/2004-09-02/2004-09-08/0nvdPatchVendor Advisory
- www.securityfocus.com/bid/11206nvdPatch
- xinehq.de/index.php/security/XSA-2004-4nvdPatchVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/17431nvd
News mentions
0No linked articles in our index yet.