Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score 6.8
CVE Id CVE-2008-3794
Last Modified 27 Jan 2012 12:32:09
Published 26 Aug 2008 11:41:00
Confidentiality Impact PARTIAL
Integrity Impact PARTIAL
Availability Impact PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3794

Summary

Integer signedness error in the mms_ReceiveCommand function in modules/access/mms/mmstu.c in VLC Media Player 0.8.6i allows remote attackers to execute arbitrary code via a crafted mmst link with a negative size value, which bypasses a size check and triggers an integer overflow followed by a heap-based buffer overflow.

Vulnerable Systems

Application

  • VideoLAN VLC Media Player 0.8.6i


References

XF - vlcmediaplayer-memmove-bo(44659)

SECTRACK - 1020759

BID - 30806

MISC - http://www.orange-bat.com/adv/2008/adv.08.24.txt

MLIST - [oss-security] 20080824 Re: CVE id request: vlc

MILW0RM - 6293

SREASON - 4190

GENTOO - GLSA-200809-06

MLIST - [vlc-devel] 20080824 commit: MMS integers handling fixes, including buffer overflow ( Rémi Denis-Courmont )


Last Updated: 27 May 2016 10:48:18