Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0295

Overview

Vulnerability Score 8.5 8.5
CVE Id CVE-2008-0295
Last Modified 27 Jan 2012 12:31:34
Published 16 Jan 2008 05:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2008-0295

Summary

Heap-based buffer overflow in modules/access/rtsp/real_sdpplin.c in the Xine library, as used in VideoLAN VLC Media Player 0.8.6d and earlier, allows user-assisted remote attackers to cause a denial of service (crash) or execute arbitrary code via long Session Description Protocol (SDP) data.

Vulnerable Systems

Application

  • Videolan Vlc Media Player 0.8.6d


References

VUPEN - ADV-2008-0105

BID - 27221

SECUNIA - 28383

MISC - http://aluigi.altervista.org/adv/vlcxhof-adv.txt

GENTOO - GLSA-200803-13

DEBIAN - DSA-1543

SECUNIA - 29766

SECUNIA - 29284


Last Updated: 27 May 2016 10:46:44