Lucene search
GoogleOSV:DSA-2043-1HistoryMay 11, 2010 - 12:00 a.m.
vlc - arbitrary code execution
2010-05-1100:00:00
Google
osv.dev
8
0.095 Low
EPSS
Percentile
94.8%
tixxDZ (DZCORE labs) discovered a vulnerability in vlc, the multimedia
player and streamer. Missing data validation in vlc’s real data transport
(RDT) implementation enable an integer underflow and consequently an
unbounded buffer operation. A maliciously crafted stream could thus enable
an attacker to execute arbitrary code.
No Common Vulnerabilities and Exposures project identifier is available for
this issue.
For the stable distribution (lenny), this problem has been fixed in version
0.8.6.h-4+lenny2.3.
For the testing distribution (squeeze), this problem was fixed in version
1.0.1-1.
We recommend that you upgrade your vlc packages.
| CPE | Name | Operator | Version |
|---|---|---|---|
| vlc | eq | 0.8.6.h-4+lenny2 |
References
Related
openvas
openvas
Debian: Security Advisory (DSA-2043-1)
2010-06-03 00:00:00
osv
osv
mplayer - arbitrary code execution
2010-05-11 00:00:00
ubuntucve
ubuntucve
CVE-2010-2062
2014-12-26 00:00:00
cve
cve
CVE-2010-2062
2014-12-26 20:59:07
CVE-2009-5027
2014-12-26 20:59:00
prion
prion
Integer overflow
2014-12-26 20:59:00
nvd
nvd
CVE-2010-2062
2014-12-26 20:59:07
CVE-2009-5027
2014-12-26 20:59:00
debiancve
debiancve
CVE-2010-2062
2014-12-26 20:59:07
cvelist
cvelist
CVE-2010-2062
2014-12-26 20:00:00
nessus
nessus
GLSA-201310-13 : MPlayer: Multiple vulnerabilities
2013-10-27 00:00:00
GLSA-201411-01 : VLC: Multiple vulnerabilities
2014-11-06 00:00:00
gentoo
gentoo
MPlayer: Multiple vulnerabilities
2013-10-25 00:00:00
VLC: Multiple vulnerabilities
2014-11-05 00:00:00