Launchpad.net

CVE 2008-0296

Heap-based buffer overflow in the libaccess_realrtsp plugin in VideoLAN VLC Media Player 0.8.6d and earlier on Windows might allow remote RTSP servers to cause a denial of service (application crash) or execute arbitrary code via a long string.

Related bugs and status

CVE-2008-0296 (Candidate) is related to these bugs:

Bug #196452: Multiple vulnerabilites in vlc prior to 0.8.6e

		In	Importance	Status
196452	Multiple vulnerabilites in vlc prior to 0.8.6e	vlc (Ubuntu)	Undecided	Fix Released
196452	Multiple vulnerabilites in vlc prior to 0.8.6e	vlc (Debian)	Unknown	Fix Released
196452	Multiple vulnerabilites in vlc prior to 0.8.6e	vlc (Ubuntu Dapper)	Undecided	Won't Fix
196452	Multiple vulnerabilites in vlc prior to 0.8.6e	vlc (Ubuntu Edgy)	Undecided	Won't Fix
196452	Multiple vulnerabilites in vlc prior to 0.8.6e	vlc (Ubuntu Feisty)	Undecided	Won't Fix
196452	Multiple vulnerabilites in vlc prior to 0.8.6e	vlc (Ubuntu Gutsy)	Undecided	Won't Fix
196452	Multiple vulnerabilites in vlc prior to 0.8.6e	vlc (Ubuntu Hardy)	Undecided	Fix Released

Bug #214977: [vlc] [DSA-1543-1] several vulnerabilities

Summary				In	Importance	Status
	214977	[vlc] [DSA-1543-1] several vulnerabilities		vlc (Ubuntu)	Undecided	New

See the

CVE page on Mitre.org for more details.

References

MISC: http://aluigi.altervis...
GENTOO: GLSA-200803-13
SECUNIA: 29284
DEBIAN: DSA-1543
SECUNIA: 29766
VUPEN: ADV-2008-0105
OVAL: oval:org.mitre.oval:de...