Unrated severityNVD Advisory· Published Apr 17, 2008· Updated Apr 23, 2026
CVE-2008-1878
CVE-2008-1878
Description
Stack-based buffer overflow in the demux_nsf_send_chunk function in src/demuxers/demux_nsf.c in xine-lib 1.1.12 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long NSF title.
Affected products
8cpe:2.3:a:xine:xine-lib:*:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:xine:xine-lib:*:*:*:*:*:*:*:*range: <=1.1.12
- cpe:2.3:a:xine:xine-lib:1.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine-lib:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine-lib:1.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine-lib:1.1.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine-lib:1.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine-lib:1.1.11.1:*:*:*:*:*:*:*
- cpe:2.3:a:xine:xine-lib:1.1.9:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
18- secunia.com/advisories/29850nvdVendor Advisory
- lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.htmlnvd
- secunia.com/advisories/30021nvd
- secunia.com/advisories/30337nvd
- secunia.com/advisories/30581nvd
- secunia.com/advisories/31372nvd
- secunia.com/advisories/31393nvd
- security.gentoo.org/glsa/glsa-200808-01.xmlnvd
- www.debian.org/security/2008/dsa-1586nvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.securityfocus.com/bid/28816nvd
- www.ubuntu.com/usn/usn-635-1nvd
- www.vupen.com/english/advisories/2008/1247/referencesnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/41865nvd
- www.exploit-db.com/exploits/5458nvd
- www.redhat.com/archives/fedora-package-announce/2008-April/msg00536.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2008-April/msg00571.htmlnvd
News mentions
0No linked articles in our index yet.