Unrated severityNVD Advisory· Published Jan 10, 2008· Updated Jun 16, 2026
CVE-2008-0225
CVE-2008-0225
Description
Heap-based buffer overflow in the rmff_dump_cont function in input/libreal/rmff.c in xine-lib 1.1.9 and earlier allows remote attackers to execute arbitrary code via the SDP Abstract attribute in an RTSP session, related to the rmff_dump_header function and related to disregarding the max field. NOTE: some of these details are obtained from third party information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
20- aluigi.altervista.org/adv/xinermffhof-adv.txtnvdExploit
- secunia.com/advisories/28384nvdVendor Advisory
- secunia.com/advisories/28489nvdVendor Advisory
- secunia.com/advisories/28507nvdVendor Advisory
- secunia.com/advisories/28636nvdVendor Advisory
- secunia.com/advisories/28674nvdVendor Advisory
- secunia.com/advisories/28955nvdVendor Advisory
- secunia.com/advisories/31393nvdVendor Advisory
- www.vupen.com/english/advisories/2008/0163nvdVendor Advisory
- bugs.gentoo.org/show_bug.cginvd
- security.gentoo.org/glsa/glsa-200801-12.xmlnvd
- sourceforge.net/project/shownotes.phpnvd
- www.debian.org/security/2008/dsa-1472nvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.novell.com/linux/security/advisories/suse_security_summary_report.htmlnvd
- www.securityfocus.com/bid/27198nvd
- www.ubuntu.com/usn/usn-635-1nvd
- bugzilla.redhat.com/show_bug.cginvd
- www.redhat.com/archives/fedora-package-announce/2008-January/msg00592.htmlnvd
News mentions
0No linked articles in our index yet.