CVE 2008-5036
Stack-based buffer overflow in VideoLAN VLC media player 0.9.x before 0.9.6 might allow user-assisted attackers to execute arbitrary code via an an invalid RealText (rt) subtitle file, related to the ParseRealText function in modules/
Related bugs and status
CVE-2008-5036 (Candidate) is related to these bugs:
Bug #285922: vlc: buffer overflow in TY demux
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
285922 | vlc: buffer overflow in TY demux | vlc (Ubuntu) | Undecided | Fix Released | ||
285922 | vlc: buffer overflow in TY demux | vlc (Debian) | Unknown | Fix Released |
Bug #295464: VLC media player RealText Processing Stack Overflow
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
295464 | VLC media player RealText Processing Stack Overflow | vlc (Ubuntu) | Undecided | Fix Released | ||
295464 | VLC media player RealText Processing Stack Overflow | vlc (Ubuntu Hardy) | Undecided | Won't Fix |
Bug #307239: Please backport vlc to 0.9.8a in Intrepid (important security update)
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
307239 | Please backport vlc to 0.9.8a in Intrepid (important security update) | Intrepid Ibex Backports | Undecided | Invalid | ||
307239 | Please backport vlc to 0.9.8a in Intrepid (important security update) | Hardy Backports | Undecided | Invalid | ||
307239 | Please backport vlc to 0.9.8a in Intrepid (important security update) | vlc (Ubuntu) | Undecided | Fix Released | ||
307239 | Please backport vlc to 0.9.8a in Intrepid (important security update) | vlc (Ubuntu Hardy) | Undecided | Won't Fix | ||
307239 | Please backport vlc to 0.9.8a in Intrepid (important security update) | vlc (Ubuntu Intrepid) | Undecided | Invalid | ||
307239 | Please backport vlc to 0.9.8a in Intrepid (important security update) | vlc (Ubuntu Jaunty) | Undecided | Fix Released | ||
307239 | Please backport vlc to 0.9.8a in Intrepid (important security update) | Karmic Backports | Undecided | Invalid |
Bug #313626: Backport 0.9.8a to Intrepid
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
313626 | Backport 0.9.8a to Intrepid | vlc (Ubuntu) | Undecided | New |
See the
CVE page on Mitre.org
for more details.