The vulnerability of the MP4_ReadBox_rdrf function in the Media Player software VideoLAN VLC allows a attacker to cause a service failure.

The vulnerability of the MP4ReadBoxrdrf function in the VideoLAN VLC media player’s libmp4.c file is related to numerical processing errors. Exploiting this vulnerability could allow an attacker to cause a service failure...

VLC媒体播放器MP4_ReadBox_rdrf()函数堆溢出漏洞

BUGTRAQ ID: 28433 CVECAN ID: CVE-2008-1489 VLC Media Player是一款免费的媒体播放器。 VLC播放器的modules/demux/mp4/libmp4.c文件中的MP4ReadBoxrdrf函数存在整数溢出漏洞，如果用户受骗打开的MP4文件中包含有特制的RDRF元素的话，就可能触发堆溢出，导致执行任意指令。 VideoLAN VLC Media Player 0.8.6e Rémi Denis-Courmont （[email protected]） 链接：http://secunia.com/advisories/29503/...

CVE-2008-1489

Integer overflow in the MP4ReadBoxrdrf function in libmp4.c for VLC 0.8.6e allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted MP4 RDRF box that triggers a heap-based buffer overflow, a different vulnerability than CVE-2008-0984...