Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:C136411D5A887D6A6A147B6F6696F0A3
HistoryDec 04, 2008 - 12:00 a.m.

VLC media player TY file parse_master buffer overflow

2008-12-0400:00:00
SAINT Corporation
www.saintcorporation.com
12

0.753 High

EPSS

Percentile

98.2%

JSON

Added: 12/04/2008
CVE: CVE-2008-4654
BID: 31813
OSVDB: 49181

Background

VLC media player is a media player supporting various audio and video formats for multiple platforms.

Problem

A buffer overflow vulnerability in the parse_master function in the Ty demux plugin allows command execution when a user opens a specially crafted TiVo TY media file.

Resolution

Upgrade to VLC media player 0.9.5 or higher.

References

<http://www.videolan.org/security/sa0809.html&gt;
<http://archives.neohapsis.com/archives/bugtraq/2008-10/0155.html&gt;

Limitations

Exploit works on VLC media player 0.9.4 and requires a user to open the exploit file in VLC media player.

Platforms

Windows 2000
Windows XP

Related

prion 2
checkpoint_advisories 1
saint 3
cvelist 2
cve 2
packetstorm 1
ubuntucve 2
nvd 2
debiancve 2
openvas 4
prion
prion
Stack overflow
2008-10-22 00:11:00
Integer overflow
2008-10-22 18:00:00
checkpoint_advisories
checkpoint_advisories
VideoLAN VLC Media Player TY Processing Buffer Overflow (CVE-2008-4654)
2009-10-01 00:00:00
saint
saint
VLC media player TY file parse_master buffer overflow
2008-12-04 00:00:00
VLC media player TY file parse_master buffer overflow
2008-12-04 00:00:00
VLC media player TY file parse_master buffer overflow
2008-12-04 00:00:00
cvelist
cvelist
CVE-2008-4654
2008-10-21 22:00:00
CVE-2008-4686
2008-10-22 17:00:00
cve
cve
CVE-2008-4654
2008-10-22 00:11:51
CVE-2008-4686
2008-10-22 18:00:01
packetstorm
packetstorm
VideoLAN VLC TiVo Buffer Overflow
2009-11-26 00:00:00
ubuntucve
ubuntucve
CVE-2008-4654
2008-10-22 00:00:00
CVE-2008-4686
2008-10-22 00:00:00
nvd
nvd
CVE-2008-4654
2008-10-22 00:11:51
CVE-2008-4686
2008-10-22 18:00:01
debiancve
debiancve
CVE-2008-4654
2008-10-22 00:11:51
CVE-2008-4686
2008-10-22 18:00:01
openvas
openvas
VLC Media Player TY Processing Buffer Overflow Vulnerability (Windows)
2008-10-22 00:00:00
VLC Media Player TY Processing BOF Vulnerability - Linux
2008-10-22 00:00:00
VLC Media Player TY Processing BOF Vulnerability (Linux)
2008-10-22 00:00:00

0.753 High

EPSS

Percentile

98.2%

JSON
Related for SAINT:C136411D5A887D6A6A147B6F6696F0A3
prion2checkpoint_advisories1saint3cvelist2cve2packetstorm1ubuntucve2nvd2debiancve2openvas4