Lucene search
RootSSV:3097HistoryMar 27, 2008 - 12:00 a.m.
VLC媒体播放器MP4_ReadBox_rdrf()函数堆溢出漏洞
2008-03-2700:00:00
Root
www.seebug.org
16
0.027 Low
EPSS
Percentile
90.5%
BUGTRAQ ID: 28433
CVE(CAN) ID: CVE-2008-1489
VLC Media Player是一款免费的媒体播放器。
VLC播放器的modules/demux/mp4/libmp4.c文件中的MP4_ReadBox_rdrf()函数存在整数溢出漏洞,如果用户受骗打开的MP4文件中包含有特制的RDRF元素的话,就可能触发堆溢出,导致执行任意指令。
VideoLAN VLC Media Player 0.8.6e
Rémi Denis-Courmont (<a href="mailto:[email protected]" target=“_blank”>[email protected]</a>)
链接:<a href=“http://secunia.com/advisories/29503/” target=“_blank”>http://secunia.com/advisories/29503/</a>
<a href=“http://trac.videolan.org/vlc/changeset/09572892df7e72c0d4e598c0b5e076cf330d8b0a” target=“_blank”>http://trac.videolan.org/vlc/changeset/09572892df7e72c0d4e598c0b5e076cf330d8b0a</a>
Related
ubuntucve
ubuntucve
CVE-2008-1489
2008-03-25 00:00:00
cve
cve
CVE-2008-1489
2008-03-25 00:44:00
prion
prion
Integer overflow
2008-03-25 00:44:00
cvelist
cvelist
CVE-2008-1489
2008-03-25 00:00:00
nvd
nvd
CVE-2008-1489
2008-03-25 00:44:00
debiancve
debiancve
CVE-2008-1489
2008-03-25 00:44:00
nessus
nessus
VLC Media Player < 0.8.6f Multiple Vulnerabilities (deprecated)
2008-03-14 00:00:00
VLC Media Player < 0.8.6f Multiple Vulnerabilities
2008-04-11 00:00:00
GLSA-200804-25 : VLC: User-assisted execution of arbitrary code
2008-04-25 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200804-25 (vlc)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200804-25 (vlc)
2008-09-24 00:00:00
Debian Security Advisory DSA 1543-1 (vlc)
2008-04-21 00:00:00
gentoo
gentoo
VLC: User-assisted execution of arbitrary code
2008-04-23 00:00:00
debian
debian
[SECURITY] [DSA 1543-1] New vlc packages fix several vulnerabilities
2008-04-09 19:26:06
osv
osv
vlc - several vulnerabilities
2008-04-09 00:00:00