Lucene search
Ubuntu.comUB:CVE-2008-0295HistoryJan 16, 2008 - 12:00 a.m.
CVE-2008-0295
2008-01-1600:00:00
ubuntu.com
ubuntu.com
8
CVSS2
8.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:S/C:C/I:C/A:C
EPSS
0.047
Percentile
92.8%
Heap-based buffer overflow in modules/access/rtsp/real_sdpplin.c in the
Xine library, as used in VideoLAN VLC Media Player 0.8.6d and earlier,
allows user-assisted remote attackers to cause a denial of service (crash)
or execute arbitrary code via long Session Description Protocol (SDP) data.
Notes
| Author | Note |
|---|---|
| jdstrand | per Debian this does not affect xine-lib, just vlc as it ships a really old version |
Related
prion
prion
Heap overflow
2008-01-16 22:00:00
cvelist
cvelist
CVE-2008-0295
2008-01-16 21:00:00
cve
cve
CVE-2008-0295
2008-01-16 22:00:00
debiancve
debiancve
CVE-2008-0295
2008-01-16 22:00:00
nvd
nvd
CVE-2008-0295
2008-01-16 22:00:00
gentoo
gentoo
VLC: Multiple vulnerabilities
2008-03-07 00:00:00
exploitdb
exploitdb
Kantaris 0.3.4 - SSA Subtitle Local Buffer Overflow
2008-04-25 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200803-13 (vlc)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200803-13 (vlc)
2008-09-24 00:00:00
Debian Security Advisory DSA 1543-1 (vlc)
2008-04-21 00:00:00
nessus
nessus
GLSA-200803-13 : VLC: Multiple vulnerabilities
2008-03-13 00:00:00
Debian DSA-1543-1 : vlc - several vulnerabilities
2008-04-17 00:00:00
osv
osv
vlc - several vulnerabilities
2008-04-09 00:00:00
debian
debian
[SECURITY] [DSA 1543-1] New vlc packages fix several vulnerabilities
2008-04-09 19:26:06
CVSS2
8.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:S/C:C/I:C/A:C
EPSS
0.047
Percentile
92.8%
Related for UB:CVE-2008-0295