Strix
26.1K

CVE-2004-1188

UnknownEPSS 1.97%

Last modified

CVE-2004-1188 is a vulnerability of currently unknown severity. The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such as MPlayer that use the same code, does not properly verify that the chunk size is less than the PREAMBLE_SIZE, which causes a read operation with a negative length that leads to a buffer overflow via (1) RMF_TAG, (2) DATA_TAG, (3) PROP_TAG, (4) MDPR_TAG, and (5) CONT_TAG values, a different vulnerability than CVE-2004-1187.. EPSS estimates a 1.97% chance of exploitation in the next 30 days.

Description

The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such as MPlayer that use the same code, does not properly verify that the chunk size is less than the PREAMBLE_SIZE, which causes a read operation with a negative length that leads to a buffer overflow via (1) RMF_TAG, (2) DATA_TAG, (3) PROP_TAG, (4) MDPR_TAG, and (5) CONT_TAG values, a different vulnerability than CVE-2004-1187.

Metrics

EPSS Probability
1.97%

77.8th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
MplayerMplayer0.90
MplayerMplayer0.90_pre
MplayerMplayer0.90_rc
MplayerMplayer0.90_rc4
MplayerMplayer0.91
MplayerMplayer0.92
MplayerMplayer0.92.1
MplayerMplayer0.92_cvs
MplayerMplayer1.0_pre1
MplayerMplayer1.0_pre2
MplayerMplayer1.0_pre3
MplayerMplayer1.0_pre3try2
MplayerMplayer1.0_pre4
MplayerMplayer1.0_pre5
MplayerMplayer1.0_pre5try1
MplayerMplayer1.0_pre5try2
MplayerMplayerhead_cvs
XineXine0.9.8
XineXine0.9.13
XineXine0.9.18
XineXine1_alpha
XineXine1_beta1
XineXine1_beta2
XineXine1_beta3
XineXine1_beta4
XineXine1_beta5
XineXine1_beta6
XineXine1_beta7
XineXine1_beta8
XineXine1_beta9
XineXine1_beta10
XineXine1_beta11
XineXine1_beta12
XineXine1_rc0
XineXine1_rc0a
XineXine1_rc1
XineXine1_rc2
XineXine1_rc3
XineXine1_rc3a
XineXine1_rc3b
XineXine1_rc4
XineXine1_rc5
XineXine1_rc6
XineXine1_rc6a
XineXine1_rc7
XineXine1_rc8
XineXine-Lib0.9.8
XineXine-Lib0.9.13
XineXine-Lib0.99
XineXine-Lib1_alpha

Showing 50 of 76 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2004-1188?
The pnm_get_chunk function in xine 0.99.2 and earlier, and other packages such as MPlayer that use the same code, does not properly verify that the chunk size is less than the PREAMBLE_SIZE, which causes a read operation with a negative length that leads to a buffer overflow via (1) RMF_TAG, (2) DATA_TAG, (3) PROP_TAG, (4) MDPR_TAG, and (5) CONT_TAG values, a different vulnerability than CVE-2004-1187.
How severe is CVE-2004-1188?
Severity scoring for CVE-2004-1188 is pending analysis. The EPSS model estimates a 1.97% probability of exploitation in the next 30 days.
How do I fix CVE-2004-1188?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2004-1188?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST