Security problem with VLC media player (upgrade to version 0.9.8a recommended)

Bug #305100 reported by Bartosz Kosiorek on 2008-12-04
This bug affects 2 people
Affects Status Importance Assigned to Milestone
vlc (Ubuntu)

Bug Description

Binary package hint: vlc

When parsing the header of an invalid Real Media file an integer overflow might occur then trigger a heap-based buffer overflows.

If successful, a malicious third party could trigger execution of arbitrary code within the context of the VLC media player.

VLC media player 0.9.8a addresses this issue. Patches for older versions are available from the official VLC source code repository 0.9-bugfix branch.

The details of this bug is available at:

The source code of the VLC 0.9.8a is located at:

Related branches

CVE References

Chris Coulson (chrisccoulson) wrote :

Thank you for your bug report.

Changed in vlc:
importance: Undecided → Medium
status: New → Triaged
Reinhard Tartler (siretart) wrote :

I've just uploaded version 0.9.8a to experimental. now needs merging in ubuntu

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package vlc - 0.9.8a-1ubuntu1

vlc (0.9.8a-1ubuntu1) jaunty; urgency=low

  * merge from debian. LP: #300328, #305100, #289263
  * Fixes CVE-2008-5276
  * remaining changes
    - build against libxul-dev instead of iceape-dev
    - build against libdca-dev, libass-dev and libx264-dev
    - build against and install libx264 plugin
    - adjust Vcs-Bzr Headers in debian/control
    - add Xb-Npp header to vlc package
    - debian/patches/301_DVD_media.diff: Change %U to %f
       in VLC .desktop file, cf LP #275043

vlc (0.9.8a-1) experimental; urgency=low

  * New upstream release
    + Fix integer overflow in Real demux (VideoLAN SA-2008-11, CVE-2008-5276)
  * Enable RealRTSP access module
  * Depends on libv4l-dev to add support of some webcam
  * Don't rebootstrap. The packages causing troubles previously have been fixed

 -- Reinhard Tartler <email address hidden> Sun, 07 Dec 2008 23:12:27 +0100

Changed in vlc:
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Duplicates of this bug

Other bug subscribers