CVE-2004-1476
EPSS 2.1%
Description
Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute arbitrary code via a VideoCD with an unterminated disk label.
How to fix CVE-2004-1476
To remediate CVE-2004-1476, upgrade the affected package to a fixed version below.
- Debian/libcdio—upgrade to 0.69 or later
Is CVE-2004-1476 being exploited?
Low — EPSS is 2.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 0.69