Lucene search

[email protected]CVE-2008-0296

HistoryJan 16, 2008 - 10:00 p.m.

CVE-2008-0296

2008-01-1622:00:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-0296

buffer overflow

libaccess_realrtsp

videolan

vlc media player

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

83.0%

JSON

Heap-based buffer overflow in the libaccess_realrtsp plugin in VideoLAN VLC Media Player 0.8.6d and earlier on Windows might allow remote RTSP servers to cause a denial of service (application crash) or execute arbitrary code via a long string.

Affected configurations

NVD

Node

microsoftwindows

AND

videolanvlc_media_playerRange≤0.8.6d

CPENameOperatorVersion
videolan:vlc_media_playervideolan vlc media playerle0.8.6d

CPE	Name	Operator	Version
videolan:vlc_media_player	videolan vlc media player	le	0.8.6d

References

aluigi.altervista.org/adv/vlcxhof-adv.txt

secunia.com/advisories/29284

secunia.com/advisories/29766

www.debian.org/security/2008/dsa-1543

www.gentoo.org/security/en/glsa/glsa-200803-13.xml

www.vupen.com/english/advisories/2008/0105

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14597

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

83.0%

JSON

Related for CVE-2008-0296

cvelist1 prion1 debiancve1 ubuntucve1 nvd1 gentoo1 openvas4 nessus2 debian1 osv1