Information Security


Integer overflow in VLC Media Player
updated since July 3, 2008
Published: September 9, 2008
Source:
SecurityVulns ID: 9123
Type: client
Severity: 6/10
Description: Integer overflow when parsing WAV and TTA files.
Affected products: VLC : VLC Media Player 0.8
CVE: CVE-2008-3794 (Integer signedness error in the mms_ReceiveCommand function in modules/access/mms/mmstu.c in VLC Media Player 0.8.6i allows remote attackers to execute arbitrary code via a crafted mmst link with a negative size value, which bypasses a size check and triggers an integer overflow followed by a heap-based buffer overflow.)
 CVE-2008-3732 (Integer overflow in the Open function in modules/demux/tta.c in VLC Media Player 0.8.6i allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TTA file, which triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.)
 CVE-2008-2430 (Integer overflow in the Open function in modules/demux/wav.c in VLC Media Player 0.8.6h on Windows allows remote attackers to execute arbitrary code via a large fmt chunk in a WAV file.)
Original text: GENTOO, [ GLSA 200809-06 ] VLC: Multiple vulnerabilities (09.09.2008)
 SECUNIA, Secunia Research: VLC Media Player WAV Processing Integer Overflow (03.07.2008)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod