Описание
Integer signedness error in the mms_ReceiveCommand function in modules/access/mms/mmstu.c in VLC Media Player 0.8.6i allows remote attackers to execute arbitrary code via a crafted mmst link with a negative size value, which bypasses a size check and triggers an integer overflow followed by a heap-based buffer overflow.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | 1.0.0~rc2-1ubuntu1 |
| feisty | ignored | end of life, was needed |
| gutsy | ignored | end of life, was needed |
| hardy | released | 0.8.6.release.e+x264svn20071224+faad2.6.1-0ubuntu3.2 |
| intrepid | not-affected | 0.9.4-1ubuntu3.1 |
| jaunty | not-affected | 0.9.9a-2ubuntu1 |
| karmic | not-affected | 1.0.0~rc2-1ubuntu1 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
Integer signedness error in the mms_ReceiveCommand function in modules/access/mms/mmstu.c in VLC Media Player 0.8.6i allows remote attackers to execute arbitrary code via a crafted mmst link with a negative size value, which bypasses a size check and triggers an integer overflow followed by a heap-based buffer overflow.
Integer signedness error in the mms_ReceiveCommand function in modules ...
Integer signedness error in the mms_ReceiveCommand function in modules/access/mms/mmstu.c in VLC Media Player 0.8.6i allows remote attackers to execute arbitrary code via a crafted mmst link with a negative size value, which bypasses a size check and triggers an integer overflow followed by a heap-based buffer overflow.
Уязвимость функции mms_ReceiveCommand (modules/access/mms/mmstu.c) программы-медиапроигрывателя VideoLAN VLC, позволяющая нарушителю выполнить произвольный код
EPSS
6.8 Medium
CVSS2