CVE-2008-1769
Vulnerability Summary
Timeline
Description
VLC before 0.8.6f allow remote attackers to cause a denial of service (crash) via a crafted Cinepak file that triggers an out-of-bounds array access and memory corruption.
CVSS Metrics
- v2.0•MEDIUM•Score: 6.8AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS Trends
Current EPSS score: 26.63%• Percentile: 96%
Techniques & Countermeasures
- CWE-399•Resource Management Errors
Weaknesses in this category are related to improper management of system resources.
Affected Systems
- videolan•vlc
0.1.99 | 0.1.99a | 0.1.99b | 0.1.99c | 0.1.99d | 0.1.99e | 0.1.99f | 0.1.99g | 0.1.99h | 0.1.99i | 0.2.0 | 0.2.50 | 0.2.60 | 0.2.61 | 0.2.62 | 0.2.63 | 0.2.70 | 0.2.71 | 0.2.72 | 0.2.73 | 0.2.80 | 0.2.81 | 0.2.82 | 0.2.83 | 0.2.90 | 0.2.91 | 0.2.92 | 0.3.0 | 0.3.1 | 0.4.0 | 0.4.1 | 0.4.2 | 0.4.3 | 0.4.3_ac3 | 0.4.4 | 0.4.5 | 0.4.6 | 0.5.0 | 0.5.1 | 0.5.2 | 0.5.3 | 0.6.0 | 0.6.1 | 0.6.2 | 0.7.0 | 0.7.1 | 0.7.2 | 0.8.0 | 0.8.1 | 0.8.2 | 0.8.4 | 0.8.4a | 0.8.5 | 0.8.6 | 0.8.6a | 0.8.6b | 0.8.6c | 0.8.6d | 0.8.6e | 0.8.1337
References (11)
- http://www.videolan.org/security/sa0803.php
- http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit%3Bh=cf489d7bff3c1b36b2d5501ecf21129c78104d98
- http://www.videolan.org/developers/vlc/NEWS
- http://security.gentoo.org/glsa/glsa-200804-25.xml
- http://wiki.videolan.org/Changelog/0.8.6f
- http://www.securityfocus.com/bid/28904
- http://secunia.com/advisories/29800
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14445
- http://secunia.com/advisories/29503
- http://bugs.gentoo.org/show_bug.cgi?id=214627#c3
- http://www.vupen.com/english/advisories/2008/0985