Launchpad CVE tracker

CVE 2007-3467

Integer overflow in the __status_Update function in stats.c VideoLAN VLC Media Player before 0.8.6c allows remote attackers to cause a denial of service (crash) via a WAV file with a large sample rate.

Related bugs and status

CVE-2007-3467 (Candidate) is related to these bugs:

Bug #122207: vlc before 0.8.6c allows arbitrary code execution via a multitude of vectors

		In	Importance	Status
122207	vlc before 0.8.6c allows arbitrary code execution via a multitude of vectors	vlc (Ubuntu)	High	Fix Released
122207	vlc before 0.8.6c allows arbitrary code execution via a multitude of vectors	vlc (Ubuntu Dapper)	High	Invalid
122207	vlc before 0.8.6c allows arbitrary code execution via a multitude of vectors	vlc (Ubuntu Edgy)	High	Won't Fix
122207	vlc before 0.8.6c allows arbitrary code execution via a multitude of vectors	vlc (Ubuntu Feisty)	High	Won't Fix
122207	vlc before 0.8.6c allows arbitrary code execution via a multitude of vectors	vlc (Ubuntu Gutsy)	High	Fix Released
122207	vlc before 0.8.6c allows arbitrary code execution via a multitude of vectors	VLC media player	Undecided	Fix Released
122207	vlc before 0.8.6c allows arbitrary code execution via a multitude of vectors	vlc (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2007-3467

References