CVE-2006-6172
EPSS 4.5%xine-lib
Published: 11/30/2006Modified: 4/28/2026
Also known as:DEBIAN-CVE-2006-6172
Description
Buffer overflow in the asmrp_eval function in the RealMedia RTSP stream handler (asmrp.c) for Real Media input plugin, as used in (1) xine/xine-lib, (2) MPlayer 1.0rc1 and earlier, and possibly others, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a rulebook with a large number of rulematches.
Affected packages (2)
- Debian/mplayerfrom 0, < 1.0~rc1-11
- Debian/xine-libfrom 0, < 1.0.1-1sarge5