Lucene search

K
ubuntucveUbuntu.comUB:CVE-2008-5036
HistoryNov 10, 2008 - 12:00 a.m.

CVE-2008-5036

2008-11-1000:00:00
ubuntu.com
ubuntu.com
11

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.97 High

EPSS

Percentile

99.8%

Stack-based buffer overflow in VideoLAN VLC media player 0.9.x before 0.9.6
might allow user-assisted attackers to execute arbitrary code via an an
invalid RealText (rt) subtitle file, related to the ParseRealText function
in modules/demux/subtitle.c. NOTE: this issue was SPLIT from CVE-2008-5032
on 20081110.

OSVersionArchitecturePackageVersionFilename
ubuntu8.10noarchvlc< 0.9.4-1ubuntu3.2UNKNOWN

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.97 High

EPSS

Percentile

99.8%