Описание
Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c for VLC 0.8.6e allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MP4 RDRF box that triggers a heap-based buffer overflow, a different vulnerability than CVE-2008-0984.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 0.8.4.debian-1ubuntu6.3 |
| devel | released | 0.8.6.release.e+x264svn20071224+faad2.6.1-0ubuntu2 |
| edgy | ignored | end of life, was needed |
| feisty | released | 0.8.6.release-0ubuntu4.2 |
| gutsy | released | 0.8.6.release.c-0ubuntu5.2 |
| hardy | released | 0.8.6.release.e+x264svn20071224+faad2.6.1-0ubuntu2 |
| upstream | not-affected | 0.8.6f |
Показывать по
Ссылки на источники
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c for VLC 0.8.6e allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MP4 RDRF box that triggers a heap-based buffer overflow, a different vulnerability than CVE-2008-0984.
Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c for VLC ...
Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c for VLC 0.8.6e allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MP4 RDRF box that triggers a heap-based buffer overflow, a different vulnerability than CVE-2008-0984.
Уязвимость функции MP4_ReadBox_rdrf (libmp4.c) программы-медиапроигрывателя VideoLAN VLC, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
6.8 Medium
CVSS2