6 matches found
Debian DSA-1819-1 : vlc - several vulnerabilities
Several vulnerabilities have been discovered in vlc, a multimedia player and streamer. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-1768 Drew Yao discovered that multiple integer overflows in the MP4 demuxer, Real demuxer and Cinepak codec can le...
CVE-2008-3794
Integer signedness error in the mmsReceiveCommand function in modules/access/mms/mmstu.c in VLC Media Player 0.8.6i allows remote attackers to execute arbitrary code via a crafted mmst link with a negative size value, which bypasses a size check and triggers an integer overflow followed by a...
CVE-2008-3794
Integer signedness error in the mmsReceiveCommand function in modules/access/mms/mmstu.c in VLC Media Player 0.8.6i allows remote attackers to execute arbitrary code via a crafted mmst link with a negative size value, which bypasses a size check and triggers an integer overflow followed by a...
DEBIAN-CVE-2008-3794
Integer signedness error in the mmsReceiveCommand function in modules/access/mms/mmstu.c in VLC Media Player 0.8.6i allows remote attackers to execute arbitrary code via a crafted mmst link with a negative size value, which bypasses a size check and triggers an integer overflow followed by a...
CVE-2008-3794
Integer signedness error in the mmsReceiveCommand function in modules/access/mms/mmstu.c in VLC Media Player 0.8.6i allows remote attackers to execute arbitrary code via a crafted mmst link with a negative size value, which bypasses a size check and triggers an integer overflow followed by a...
vlcmms-overflow.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - Orange Bat advisory - Name : VLC 0.8.6i MMS Protocol Handling Class : Heap Overflow Published : 2008-08-24 Credit : g g orange-bat com - - Details - This can be exploited from remote. User have to open mmst:// link poiting to server controlled by...