CVE-2007-6683 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-6683
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-6683

Description: The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via (1) the :demuxdump-file option in a filename in a playlist, or (2) a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability.

CVE Status: Candidate

References: SAID Secunia Advisory: SA29284 Secunia Advisory: SA29766 OSVDB 42205 42206 MLIST http://mailman.videolan.org/pipermail/vlc-devel/2007-December/037726.html GENTOO http://www.gentoo.org/security/en/glsa/glsa-200803-13.xml DEBIAN http://www.debian.org/security/2008/dsa-1543 CONFIRM BID 28712

Return to the previous page.