Lucene search

K
freebsdFreeBSD4B09378E-ADDB-11DD-A578-0030843D3802
HistoryNov 05, 2008 - 12:00 a.m.

vlc -- cue processing stack overflow

2008-11-0500:00:00
vuxml.freebsd.org
20

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.97 High

EPSS

Percentile

99.7%

The VLC Team reports:

The VLC media player contains a stack overflow vulnerability
while parsing malformed cue files. The vulnerability may be
exploited by a (remote) attacker to execute arbitrary code in
the context of VLC media player.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchvlc< 0.8.6.i_2,2UNKNOWN
FreeBSDanynoarchvlc-devel< 0.9.6,3UNKNOWN

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.97 High

EPSS

Percentile

99.7%