3 matches found
FreeBSD : vlc -- format string vulnerability and integer overflow (7128fb45-2633-11dc-94da-0016179b2dd5)
isecpartners reports : VLC is vulnerable to a format string attack in the parsing of Vorbis comments in Ogg Vorbis and Ogg Theora files, CDDA data or SAP/SDP service discovery messages. Additionally, there are two errors in the handling of wav files, one a denial of service due to an uninitialize...
CVE-2007-3468
CVE-2007-3468 affects VideoLAN VLC Media Player. The flaw is in input.c parsing WAV data, where an uninitialized i_nb_resamplers variable can be used, enabling a remote attacker to crash the player (DoS) via a crafted WAV file. Affected versions are VLC up to 0.8.6c (before 0.8.6c). The connected...
CVE-2007-3468
input.c in VideoLAN VLC Media Player before 0.8.6c allows remote attackers to cause a denial of service crash via a crafted WAV file that causes an uninitialized inbresamplers variable to be used...