Launchpad CVE tracker

CVE 2008-3231

xine-lib before 1.1.15 allows remote attackers to cause a denial of service (crash) via a crafted OGG file, as demonstrated by playing lol-ffplay.ogg with xine.

Related bugs and status

CVE-2008-3231 (Candidate) is related to these bugs:

Bug #76566: crash in faad plugin

Summary				In	Importance	Status
	76566	crash in faad plugin		xine-lib (Ubuntu)	Medium	Fix Released
	76566	crash in faad plugin		gstreamer0.10-ffmpeg (Ubuntu)	Undecided	Invalid

Bug #123456: podcast crashes amarok

Summary				In	Importance	Status
	123456	podcast crashes amarok		xine-lib (Ubuntu)	Undecided	Fix Released
	123456	podcast crashes amarok		Amarok	High	Invalid

Bug #261135: Please update xine-lib package to version 1.1.15 - improved V4L, added AMR audio, other improvements

Summary				In	Importance	Status
	261135	Please update xine-lib package to version 1.1.15 - improved V4L, added AMR audio, other improvements		xine-lib (Ubuntu)	Undecided	Fix Released
	261135	Please update xine-lib package to version 1.1.15 - improved V4L, added AMR audio, other improvements		xine-lib (Baltix)	Undecided	Invalid

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2008-3231

References