[VLC] Format string injection in Vorbis, Theora, SAP and CDDA plugins
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| vlc (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Bug Description
Binary package hint: vlc
From:
http://
Affected versions:
VLC media player 0.8.6b and earlier
Details:
VLC media player Ogg/Vorbis, Ogg/Theora, CDDA (CD Digital Audio) and SAP (Service Announce Protocol) plugins are prone to a C-style format string vulnerability when trying to parse a media data stream.
Valid but carefully crafted .ogg (Vorbis) or .ogm (Theora) files, CDDB entries or SAP/SDP messages can trigger the bug. We therefore consider this bug to have a high severity.
Impact:
If successful, a malicious third party could use this vulnerability to execute arbitrary code within the context of VLC media player (i.e. acquire local user privileges on the vulnerable system), or crash the player instance.
For the complete security advisory, please visit
http://
Although VLC is part of Universe, fixed packages would be greatly appreciated.
Related branches
| Changed in vlc: | |
| importance: | Undecided → Medium |
| status: | New → Confirmed |
| Matti Lindell (mlind) wrote | #1 |
| Changed in vlc: | |
| status: | Confirmed → Fix Released |
| disabled.user (disabled.user-deactivatedaccount) wrote | #2 |
| Changed in vlc: | |
| status: | Fix Released → Confirmed |
| Matti Lindell (mlind) wrote | #3 |
| Changed in vlc: | |
| status: | Confirmed → Fix Released |
vlc (0.8.6.
* SECURITY UPDATE: Format string injection in multiple plugins could
lead to arbitrary code execution and/or DoS.
* New upstream security and bugfix release, 0.8.6c (LP: #121511).
* References
CVE-2007-0256
CVE-2007-3316
* debian/patches/: Remove 020_flac.diff and 030_CVE-
(subsumed by new upstream release).
* debian/
-- Daniel T Chen <email address hidden> Mon, 25 Jun 2007 01:53:37 -0400