Launchpad CVE tracker

CVE 2008-5241

Integer underflow in demux_qt.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, allows remote attackers to cause a denial of service (crash) via a crafted media file that results in a small value of moov_atom_size in a compressed MOV (aka CMOV_ATOM).

Related bugs and status

CVE-2008-5241 (Candidate) is related to these bugs:

Bug #290768: C format string specifications mismatch in translations crashes libxine based apps in some loales

		In	Importance	Status
290768	C format string specifications mismatch in translations crashes libxine based apps in some loales	xine-lib (Ubuntu)	High	Fix Released
290768	C format string specifications mismatch in translations crashes libxine based apps in some loales	langpack-o-matic	Undecided	Fix Released
290768	C format string specifications mismatch in translations crashes libxine based apps in some loales	xine-lib (Ubuntu Intrepid)	Undecided	Fix Released
290768	C format string specifications mismatch in translations crashes libxine based apps in some loales	language-pack-gnome-it-base (Ubuntu)	Undecided	Fix Released
290768	C format string specifications mismatch in translations crashes libxine based apps in some loales	language-pack-gnome-it-base (Ubuntu Intrepid)	Undecided	Fix Released
290768	C format string specifications mismatch in translations crashes libxine based apps in some loales	language-pack-gnome-de-base (Ubuntu)	Undecided	Fix Released
290768	C format string specifications mismatch in translations crashes libxine based apps in some loales	language-pack-gnome-de-base (Ubuntu Intrepid)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2008-5241

References