Search for vulnerabilities
Vulnerability details: VCID-va6y-wmnd-aaac
Vulnerability ID VCID-va6y-wmnd-aaac
Aliases CVE-2008-0073
Summary Array index error in the sdpplin_parse function in input/libreal/sdpplin.c in xine-lib 1.1.10.1 allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter.
Status Published
Exploitability 2.0
Weighted Severity 8.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-189 Numeric Errors
System Score Found at
generic_textual MODERATE http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00008.html
epss 0.00444 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.00460 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.00460 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.00460 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.00460 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.00460 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.00460 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.00460 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.00460 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.00460 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.00460 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.00460 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.00514 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.00515 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.00515 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.00515 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01588 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01841 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01841 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01841 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01841 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01841 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01841 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01841 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01841 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01841 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01841 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01841 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01841 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.01841 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.02708 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.02708 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.02708 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.02708 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.02708 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.02708 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.02708 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.02708 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.02708 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.02708 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.02708 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.02708 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.02708 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.02708 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.02708 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.02708 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.02708 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.02708 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.02708 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.02708 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
epss 0.03603 https://api.first.org/data/v1/epss?cve=CVE-2008-0073
rhbs high https://bugzilla.redhat.com/show_bug.cgi?id=438182
cvssv2 6.8 https://nvd.nist.gov/vuln/detail/CVE-2008-0073
Reference id Reference type URL
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0073.json
https://api.first.org/data/v1/epss?cve=CVE-2008-0073
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0073
http://secunia.com/advisories/28694
http://secunia.com/advisories/29392
http://secunia.com/advisories/29472
http://secunia.com/advisories/29503
http://secunia.com/advisories/29578
http://secunia.com/advisories/29601
http://secunia.com/advisories/29740
http://secunia.com/advisories/29766
http://secunia.com/advisories/29800
http://secunia.com/advisories/30581
http://secunia.com/advisories/31372
http://secunia.com/advisories/31393
http://secunia.com/secunia_research/2008-10/
http://security.gentoo.org/glsa/glsa-200804-25.xml
http://security.gentoo.org/glsa/glsa-200808-01.xml
https://exchange.xforce.ibmcloud.com/vulnerabilities/41339
http://sourceforge.net/project/shownotes.php?release_id=585488&group_id=9655
https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00143.html
https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00456.html
http://wiki.videolan.org/Changelog/0.8.6f
http://www.debian.org/security/2008/dsa-1536
http://www.debian.org/security/2008/dsa-1543
http://www.mandriva.com/security/advisories?name=MDVSA-2008:178
http://www.mandriva.com/security/advisories?name=MDVSA-2008:219
http://www.securityfocus.com/bid/28312
http://www.securitytracker.com/id?1019682
http://www.slackware.org/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.392408
http://www.ubuntu.com/usn/usn-635-1
http://www.videolan.org/security/sa0803.php
http://www.vupen.com/english/advisories/2008/0923
http://www.vupen.com/english/advisories/2008/0985
http://xinehq.de/index.php/news
438182 https://bugzilla.redhat.com/show_bug.cgi?id=438182
473057 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=473057
CVE-2008-0073 https://nvd.nist.gov/vuln/detail/CVE-2008-0073
GLSA-200804-25 https://security.gentoo.org/glsa/200804-25
GLSA-200808-01 https://security.gentoo.org/glsa/200808-01
USN-635-1 https://usn.ubuntu.com/635-1/
Data source Exploit-DB
Date added April 24, 2008
Description Kantaris 0.3.4 - SSA Subtitle Local Buffer Overflow
Ransomware campaign use Known
Source publication date April 25, 2008
Exploit type local
Platform windows
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2008-0073
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.75431
EPSS Score 0.00444
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.