CVE-2008-1489 - CVE Reference - Advisories

CVE Reference: CVE-2008-1489

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-1489

Description: Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c for VLC 0.8.6e allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MP4 RDRF box that triggers a heap-based buffer overflow, a different vulnerability than CVE-2008-0984.

CVE Status: Candidate

References: SAID Secunia Advisory: SA29503 Secunia Advisory: SA29766 Secunia Advisory: SA29800 GENTOO http://security.gentoo.org/glsa/glsa-200804-25.xml DEBIAN http://www.debian.org/security/2008/dsa-1543 CONFIRM http://wiki.videolan.org/Changelog/0.8.6f http://www.videolan.org/security/sa0803.php http://trac.videolan.org/vlc/changeset/09572892df7e72c0d4e598c0b5e076cf330d8b0a

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Zarafa Script Insertion Vulnerabilities

2.	Yahoo! Assistant yNotifier.dll ActiveX Control Code Execution

3.	Cyberfolio "rep" File Inclusion Vulnerability

4.	SazCart Multiple File Inclusion Vulnerabilities

5.	vShare YouTube Clone "tid" SQL Injection Vulnerability

6.	Slackware update for thunderbird

7.	Slackware update for php

8.	InfoBiz Server "keywords" Cross-Site Scripting Vulnerability

9.	Ubuntu update for vorbis-tools

10.	Maian Guestbook footer.php Cross-Site Scripting Vulnerabilities