oss-sec mailing list archives

CVE id request: vlc local privilege escalation

From: Nico Golde <oss-security+ml () ngolde de>
Date: Sun, 11 May 2008 01:37:55 +0200

Hi,
can I get a CVE id for vlc?
https://trac.videolan.org/vlc/ticket/1578:

"At startup, VLC recursively scans the modules/ and plugins/ subdirectories
from the current working directory, and tries to execute the vlc_entry__0_8_6
(or another in other VLC versions) symbol from any file matching the
"lib*_plugin.so" pattern."

Patch: http://git.videolan.org/?p=vlc.git;a=commit;h=c7cef4fdd8dd72ce0a45be3cda8ba98df5e83181

Kind regards
Nico

-- 
Nico Golde - http://www.ngolde.de - nion () jabber ccc de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.

Attachment: _bin
Description:

Current thread:

CVE id request: vlc local privilege escalation Nico Golde (May 10)
- Re: CVE id request: vlc local privilege escalation Steven M. Christey (May 12)