{
  "modified": "2025-08-09T19:01:28Z",
  "published": "2004-12-31T05:00:00Z",
  "id": "CVE-2004-1951",
  "details": "xine 1.x alpha, 1.x beta, and 1.0rc through 1.0rc3a, and xine-ui 0.9.21 to 0.9.23 allows remote attackers to overwrite arbitrary files via the (1) audio.sun_audio_device or (2) dxr3.devicename options in an MRL link.",
  "references": [
    {
      "type": "ADVISORY",
      "url": "http://secunia.com/advisories/11433"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.xinehq.de/index.php/security/XSA-2004-1"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.xinehq.de/index.php/security/XSA-2004-2"
    },
    {
      "type": "EVIDENCE",
      "url": "http://www.securityfocus.com/bid/10193"
    },
    {
      "type": "FIX",
      "url": "http://security.gentoo.org/glsa/glsa-200404-20.xml"
    },
    {
      "type": "FIX",
      "url": "http://www.securityfocus.com/bid/10193"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/5594"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/5739"
    },
    {
      "type": "WEB",
      "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.372791"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15939"
    }
  ]
}