oss-sec mailing list archives
CVE request: vlc
From: Nico Golde <oss-security+ml () ngolde de>
Date: Tue, 26 Feb 2008 19:32:30 +0100
Hi Steve, can I get a CVE id for vlc because of the following issue? The mp4 demuxer of vlc is missing validation of array boundaries and thus allows overwriting arbitrary memory. For more details see: http://www.videolan.org/security/sa0802.html Patch: http://www.videolan.org/patches/vlc-0.8.6-CORE-2008-0130.patch Cheers Nico -- Nico Golde - http://www.ngolde.de - nion () jabber ccc de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
Attachment:
_bin
Description:
Current thread:
- CVE request: vlc Nico Golde (Feb 26)
- Re: CVE request: vlc Steven M. Christey (Feb 26)
- Re: CVE request: vlc Nico Golde (Feb 26)
- Re: CVE request: vlc Steven M. Christey (Feb 26)