Lucene search

[email protected]CVE-2008-0984

HistoryFeb 26, 2008 - 7:44 p.m.

CVE-2008-0984

2008-02-2619:44:00

CWE-399

[email protected]

web.nvd.nist.gov

cve-2008-0984

mp4 demuxer

vlc media player

miro player

remote code execution

7.2 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.203 Low

EPSS

Percentile

96.3%

JSON

The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file.

CPENameOperatorVersion
miro:miro_playermiro miro playerle1.1
videolan:vlc_media_playervideolan vlc media playerle0.8.6d

CPE	Name	Operator	Version
miro:miro_player	miro miro player	le	1.1
videolan:vlc_media_player	videolan vlc media player	le	0.8.6d

References

lists.grok.org.uk/pipermail/full-disclosure/2008-February/060481.html

secunia.com/advisories/29122

secunia.com/advisories/29153

secunia.com/advisories/29284

secunia.com/advisories/29766

www.coresecurity.com/?action=item&id=2147

www.debian.org/security/2008/dsa-1543

www.gentoo.org/security/en/glsa/glsa-200803-13.xml

www.securityfocus.com/archive/1/488841/100/0/threaded

www.securityfocus.com/bid/28007

www.securitytracker.com/id?1019510

www.videolan.org/security/sa0802.html

www.vupen.com/english/advisories/2008/0682

7.2 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.203 Low

EPSS

Percentile

96.3%

JSON

Related for CVE-2008-0984

cvelist2 securityvulns2 prion2 packetstorm1 seebug1 ubuntucve2 debiancve2 cve1 openvas4 nessus2 gentoo1 debian1 osv1