Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3732

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-3732
Last Modified 27 Jan 2012 12:31:56
Published 20 Aug 2008 12:41:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3732

Summary

Integer overflow in the Open function in modules/demux/tta.c in VLC Media Player 0.8.6i allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TTA file, which triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Videolan Vlc Media Player 0.8.6i


References

XF - vlc-mediaplayer-open-bo(44510)

VUPEN - ADV-2008-2394

BID - 30718

MISC - http://www.orange-bat.com/adv/2008/adv.08.16.txt

MILW0RM - 6252

SREASON - 4170

GENTOO - GLSA-200809-06

SECUNIA - 31512


Last Updated: 27 May 2016 10:48:16