NotCVE - vendor:"Videolan" product:"Vlc" version:"0.8.6e"

Page 4 of 21 results (0.005 seconds)

CVSS: 6.8EPSS: 2%CPEs: 60EXPL: 0

CVE-2008-1768

https://notcve.org/view.php?id=CVE-2008-1768

Multiple integer overflows in VLC before 0.8.6f allow remote attackers to cause a denial of service (crash) via the (1) MP4 demuxer, (2) Real demuxer, and (3) Cinepak codec, which triggers a buffer overflow. Múltiples desbordamientos de enteros en VLC anterior a 0.8.6f, permite a atacantes remotos provocar una denegación de servicio (caída) a través del demultiplexador (1) MP4, (2) Real y (3) el codec Cinepak, que inicia el desbordamiento de búfer. • http://secunia.com/advisories/29503 http://secunia.com/advisories/29800 http://security.gentoo.org/glsa/glsa-200804-25.xml http://wiki.videolan.org/Changelog/0.8.6f http://www.securityfocus.com/bid/28903 http://www.videolan.org/developers/vlc/NEWS http://www.videolan.org/security/sa0803.php http://www.vupen.com/english/advisories/2008/0985 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14412 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.8EPSS: 1%CPEs: 60EXPL: 1

CVE-2008-1769 – Kantaris 0.3.4 - SSA Subtitle Local Buffer Overflow

https://notcve.org/view.php?id=CVE-2008-1769

VLC before 0.8.6f allow remote attackers to cause a denial of service (crash) via a crafted Cinepak file that triggers an out-of-bounds array access and memory corruption. VLC versions anteriores a la 0.8.6f, permite a atacantes remotos provocar una denegación de servicio (caída) a través de un Cinepak manipulado que dispara un acceso a array fuera de límite y una corrupción de memoria. • https://www.exploit-db.com/exploits/5498 http://bugs.gentoo.org/show_bug.cgi?id=214627#c3 http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit%3Bh=cf489d7bff3c1b36b2d5501ecf21129c78104d98 http://secunia.com/advisories/29503 http://secunia.com/advisories/29800 http://security.gentoo.org/glsa/glsa-200804-25.xml http://wiki.videolan.org/Changelog/0.8.6f http://www.securityfocus.com/bid/28904 http://www.videolan.org/developers/vlc/NEWS http://www.videolan.org/security/sa0803. • CWE-399: Resource Management Errors •

CVSS: 6.8EPSS: 22%CPEs: 1EXPL: 2

CVE-2008-1881 – VideoLAN VLC Media Player 0.8.6d SSA Parsing Double Sh311 - Universal

https://notcve.org/view.php?id=CVE-2008-1881

Stack-based buffer overflow in the ParseSSA function (modules/demux/subtitle.c) in VLC 0.8.6e allows remote attackers to execute arbitrary code via a long subtitle in an SSA file. NOTE: this issue is due to an incomplete fix for CVE-2007-6681. Desbordamiento de búfer basado en pila en la función ParseSSA (modules/demux/subtitle.c) en VLC 0.8.6e permite a atacantes remotos ejecutar código de su elección mediante un subtitulo largeo en un archivo SSA. NOTA: este problema es debido a una corrección incompleta para CVE-2007-6681. • https://www.exploit-db.com/exploits/5667 https://www.exploit-db.com/exploits/5250 http://aluigi.altervista.org/adv/vlcboffs-adv.txt http://aluigi.org/adv/vlcboffs-adv.txt http://secunia.com/advisories/28233 http://secunia.com/advisories/29800 http://security.gentoo.org/glsa/glsa-200804-25.xml http://wiki.videolan.org/Changelog/0.8.6f http://www.securityfocus.com/archive/1/489698 http://www.securityfocus.com/bid/28251 http://www.securityfocus.com/bid/28274 https&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.8EPSS: 2%CPEs: 1EXPL: 2

CVE-2008-1489 – Kantaris 0.3.4 - SSA Subtitle Local Buffer Overflow

https://notcve.org/view.php?id=CVE-2008-1489

Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c for VLC 0.8.6e allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MP4 RDRF box that triggers a heap-based buffer overflow, a different vulnerability than CVE-2008-0984. Desbordamiento de entero en la función MP4_ReadBox_rdrf de libmp4.c para VLC 0.8.6e permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección a través de una MP4 RDRF box manipulada que dispara un desbordamiento de búfer basado en montículo, una vulnerabilidad distinta a CVE-2008-0984. • https://www.exploit-db.com/exploits/5498 http://secunia.com/advisories/29503 http://secunia.com/advisories/29766 http://secunia.com/advisories/29800 http://security.gentoo.org/glsa/glsa-200804-25.xml http://trac.videolan.org/vlc/changeset/09572892df7e72c0d4e598c0b5e076cf330d8b0a http://wiki.videolan.org/Changelog/0.8.6f http://www.debian.org/security/2008/dsa-1543 http://www.securityfocus.com/bid/28433 http://www.videolan.org/security/sa0803.php http://www.vupen.com/english/ • CWE-189: Numeric Errors •

CVSS: 7.5EPSS: 30%CPEs: 1EXPL: 2

CVE-2007-6681 – Kantaris 0.3.4 - SSA Subtitle Local Buffer Overflow

https://notcve.org/view.php?id=CVE-2007-6681

Stack-based buffer overflow in modules/demux/subtitle.c in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via a long subtitle in a (1) MicroDvd, (2) SSA, and (3) Vplayer file. Desbordamiento de búfer basado en pila en modules/demux/subtitle.c de VideoLAN VLC 0.8.6d permite a atacantes remotos ejecutar código de su elección mediante un subtítulo largo en un fichero (1) MicroDvd, (2) SSA, y (3) Vplayer. • https://www.exploit-db.com/exploits/5498 http://aluigi.altervista.org/adv/vlcboffs-adv.txt http://mailman.videolan.org/pipermail/vlc-devel/2007-June/032672.html http://mailman.videolan.org/pipermail/vlc-devel/2007-June/033394.html http://osvdb.org/42207 http://secunia.com/advisories/28233 http://secunia.com/advisories/29284 http://secunia.com/advisories/29766 http://secunia.com/advisories/29800 http://security.gentoo.org/glsa/glsa-200804-25.xml http://securityreason.com/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

1 2 3 4 5