CVE-2008-3732
Published: 20 August 2008
Integer overflow in the Open function in modules/demux/tta.c in VLC Media Player 0.8.6i allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TTA file, which triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
Priority
Status
Package | Release | Status |
---|---|---|
vlc Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
feisty |
Ignored
(end of life, was needs-triage)
|
|
gutsy |
Ignored
(end of life, was needs-triage)
|
|
hardy |
Released
(0.8.6.release.e+x264svn20071224+faad2.6.1-0ubuntu3.2)
|
|
intrepid |
Not vulnerable
(0.9.4-1ubuntu2)
|
|
jaunty |
Not vulnerable
(0.9.4-1ubuntu2)
|
|
karmic |
Not vulnerable
(0.9.4-1ubuntu2)
|
|
upstream |
Released
(0.8.6.h-2)
|