Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2010-1445

Heap-based buffer overflow in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted byte stream in an RTMP session.

Related bugs and status

CVE-2010-1445 (Candidate) is related to these bugs:

Bug #568859: vlc 1.0.6 fixes security issues

		In	Importance	Status
568859	vlc 1.0.6 fixes security issues	vlc (Ubuntu)	Undecided	Fix Released
568859	vlc 1.0.6 fixes security issues	vlc (Debian)	Unknown	Fix Released
568859	vlc 1.0.6 fixes security issues	VLC media player	Undecided	Fix Released
568859	vlc 1.0.6 fixes security issues	Hardy Backports	Undecided	Invalid
568859	vlc 1.0.6 fixes security issues	Jaunty Jackalope Backports	Undecided	Invalid
568859	vlc 1.0.6 fixes security issues	Karmic Backports	Undecided	Invalid

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2010042...
CONFIRM: http://www.videolan.or...