oss-sec mailing list archives
Re: CVE id request: vlc
From: "Steven M. Christey" <coley () linus mitre org>
Date: Tue, 14 Oct 2008 18:19:24 -0400 (EDT)
====================================================== Name: CVE-2008-4558 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4558 Reference: MISC:http://www.coresecurity.com/content/vlc-xspf-memory-corruption Array index error in VLC media player 0.9.2 allows remote attackers to overwrite arbitrary memory and execute arbitrary code via an XSPF playlist file with a negative identifier tag, which passes a signed comparison.
Current thread:
- CVE id request: vlc Nico Golde (Oct 14)
- Re: CVE id request: vlc Steven M. Christey (Oct 14)
- <Possible follow-ups>
- CVE id request: vlc Nico Golde (Oct 19)
- Re: CVE id request: vlc Steven M. Christey (Oct 22)
- Re: CVE id request: vlc Nico Golde (Oct 22)
- Re: CVE id request: vlc Steven M. Christey (Oct 22)
- CVE id request: vlc Nico Golde (Nov 05)
- Re: CVE id request: vlc Steven M. Christey (Nov 10)
- Re: CVE id request: vlc Nico Golde (Nov 10)
- Re: CVE id request: vlc Steven M. Christey (Nov 10)
- Re: CVE id request: vlc RĂ©mi Denis-Courmont (Nov 11)
- Re: CVE id request: vlc Steven M. Christey (Nov 11)
- Re: CVE id request: vlc Steven M. Christey (Nov 10)