Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0984

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-0984
Last Modified 20 Jun 2011 12:00:00
Published 26 Feb 2008 02:44:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-0984

Summary

The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file.

Vulnerable Systems

Application

  • Miro Player 1.1

  • Videolan Vlc Media Player 0.8.6d


References

CONFIRM - http://www.videolan.org/security/sa0802.html

VUPEN - ADV-2008-0682

SECTRACK - 1019510

BID - 28007

BUGTRAQ - 20080227 CORE-2008-0130: VLC media player chunk context validation error

GENTOO - GLSA-200803-13

DEBIAN - DSA-1543

MISC - http://www.coresecurity.com/?action=item&id=2147

SECUNIA - 29766

SECUNIA - 29284

SECUNIA - 29153

SECUNIA - 29122


Last Updated: 27 May 2016 10:46:58