xine-lib security vulnerability

Tim van der Molen tbm at
Sun Oct 16 07:00:32 PDT 2005

"By setting up a malicious CDDB server, an attacker can overwrite
arbitrary memory locations with arbitrary data." Among the affected
versions are all 1.0 releases up to and including 1.0.2, and 1.1.0.

The problem is solved in version 1.0.3a. A patch against CVS is also
available. A workaround is to delete the file.

More information: <>.


More information about the lfs-security mailing list