← back
CVE-2006-2230

CVE-2006-2230

EPSS 7.1%
Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.4 might allow attackers to cause a denial of service via format string specifiers in an MP3 filename specified on the command line. NOTE: this is a different vulnerability than CVE-2006-1905. In addition, if the only attack vectors involve a user-assisted, local command line argument of a non-setuid program, this issue might not be a vulnerability.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/27791unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/26216http://www.debian.org/security/2006/dsa-1093http://www.securityfocus.com/archive/1/432598/100/0/threadedhttp://www.securityfocus.com/bid/17769