Attachment 91852 Details for Bug 129356 – file.txt

file.txt

file.txt (text/plain), 1.37 KB, created by Joseph S. Atkinson on 2008-12-02 01:40:00 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Joseph S. Atkinson

Created: 2008-12-02 01:40:00 UTC

Size: 1.37 KB

patch

obsolete

><vuln vid="1972d685-c010-11dd-a69e-000d8825e644">
>	<topic>Real Media integer overflow might trigger heap-based buffer overflow in vlc-devel</topic>
>		<affects>
>			<package>
>				<name>vlc-devel</name>
>				<range><gt>0.9.*,2</gt><lt>0.9.8,3</lt></range>
>			</package>
>		</affects>
>		<description>
>			<body xmlns="http://www.w3.org/1999/xhtml">
>				Tobias Klein (tk@trapkit.de) identified:
>				<blockquote cite="http://www.trapkit.de/advisories/TKADV2008-013.txt">
>					The VLC media player contains an integer overflow vulnerability while parsing malformed RealMedia (.rm) files. The vulnerability leads to a heap overflow that can be exploited by a (remote) attacker to execute arbitrary code in the context of VLC media player.
>				</blockquote>
>				The VideoLAN Security Advisory 0811 entry states:
>				<blockquote cite="http://www.videolan.org/security/sa0811.html">
>					When parsing the header of an invalid Real Media file an integer overflow might occur then trigger a heap-based buffer overflows.
> 				</blockquote>
>			</body>
>		</description>
>	<references>
>	 	<freebsdpr>ports/129355</freebsdpr>
>	 	<cvename>CVE-2008-5276</cvename>
>		<url>http://www.trapkit.de/advisories/TKADV2008-013.txt</url>
>		<url>http://www.videolan.org/security/sa0811.html</url>
>	</references>
>	<dates>
>		<discovery>2008-11-14</discovery>
>		<entry>2008-12-01</entry>
>	</dates>
> </vuln>

Actions: View

Attachments on bug 129356: 91852