|
|
CVE Reference: CVE-2008-1489 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-1489 |
|
|
Description: Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c for VLC 0.8.6e allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MP4 RDRF box that triggers a heap-based buffer overflow, a different vulnerability than CVE-2008-0984. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/41412 SAID Secunia Advisory: SA29503 Secunia Advisory: SA29766 Secunia Advisory: SA29800 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:14841 GENTOO http://security.gentoo.org/glsa/glsa-200804-25.xml DEBIAN http://www.debian.org/security/2008/dsa-1543 CONFIRM http://www.videolan.org/security/sa0803.php http://wiki.videolan.org/Changelog/0.8.6f http://trac.videolan.org/vlc/changeset/09572892df7e72c0d4e598c0b5e076cf330d8b0a BID 28433 |
|
| Return to the previous page. |
