Re: CVE request: VLC bookmark buffer overflow

[Josh Bressers <bressers () redhat com>]

----- Original Message -----
> Can I get CVE-identifier for this issue:
>
> "VLC media player is vulnerable to a buffer overflow attack when
> processing .mp3 file and its metadata. It fails to perform boundry
> checks when creating a bookmark from the malicious media file playing,
> resulting in a crash, overwriting ECX register. While the evil .mp3 is
> playing, you go Playback > Bookmarks > Manage bookmarks > Create."
>
> References:
> http://osvdb.org/show/osvdb/62728/printer

Please use CVE-2011-1087

Thanks.

-- 
    JB