{"id":"CVE-2006-1905","details":"Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.3 allow remote attackers to execute arbitrary code via format string specifiers in a long filename on an EXTINFO line in a playlist file.","modified":"2026-04-10T03:38:26.766996Z","published":"2006-04-20T10:02:00Z","references":[{"type":"ADVISORY","url":"http://open-security.org/advisories/16"},{"type":"ADVISORY","url":"http://secunia.com/advisories/19671"},{"type":"ADVISORY","url":"http://secunia.com/advisories/19854"},{"type":"ADVISORY","url":"http://secunia.com/advisories/20066"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:085"},{"type":"ADVISORY","url":"http://www.novell.com/linux/security/advisories/2006_05_05.html"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2006/1432"},{"type":"EVIDENCE","url":"http://www.securityfocus.com/bid/17579"},{"type":"WEB","url":"http://securitytracker.com/id?1015959"},{"type":"WEB","url":"http://sourceforge.net/mailarchive/message.php?msg_id=15429845"},{"type":"WEB","url":"http://www.gentoo.org/security/en/glsa/glsa-200604-15.xml"},{"type":"WEB","url":"http://www.osvdb.org/24747"},{"type":"WEB","url":"http://www.securityfocus.com/archive/1/431251/100/0/threaded"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/25851"}],"schema_version":"1.7.5"}