CVE-2008-0984
Kantaris 0.3.4 - SSA Subtitle Local Buffer Overflow
Severity Score
9.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file.
El demultiplexor MP4 (mp4.c) para el reproductor multimedia VLC versión 0.8.6d y anterior, tal y como es usado en Miro Player versión 1.1 y anteriores, permite a los atacantes remotos sobrescribir la memoria arbitraria y ejecutar código arbitrario por medio de un archivo MP4 malformado.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2008-02-26 CVE Reserved
- 2008-02-26 CVE Published
- 2008-04-25 First Exploit
- 2024-07-30 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-399: Resource Management Errors
CAPEC
References (14)
| URL | Tag | Source |
|---|---|---|
| http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060481.html | Mailing List | |
| http://www.coresecurity.com/?action=item&id=2147 | X_refsource_misc | |
| http://www.securityfocus.com/archive/1/488841/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/28007 | Vdb Entry | |
| http://www.securitytracker.com/id?1019510 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/5498 | 2008-04-25 |
| URL | Date | SRC |
|---|---|---|
| http://www.videolan.org/security/sa0802.html | 2018-10-15 |
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/29122 | 2018-10-15 | |
| http://secunia.com/advisories/29153 | 2018-10-15 | |
| http://secunia.com/advisories/29284 | 2018-10-15 | |
| http://secunia.com/advisories/29766 | 2018-10-15 | |
| http://www.debian.org/security/2008/dsa-1543 | 2018-10-15 | |
| http://www.gentoo.org/security/en/glsa/glsa-200803-13.xml | 2018-10-15 | |
| http://www.vupen.com/english/advisories/2008/0682 | 2018-10-15 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Miro Search vendor "Miro" | Miro Player Search vendor "Miro" for product "Miro Player" | <= 1.1 Search vendor "Miro" for product "Miro Player" and version " <= 1.1" | - |
Affected
| ||||||
| Videolan Search vendor "Videolan" | Vlc Media Player Search vendor "Videolan" for product "Vlc Media Player" | <= 0.8.6d Search vendor "Videolan" for product "Vlc Media Player" and version " <= 0.8.6d" | - |
Affected
| ||||||