[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248149

 
 

909

 
 

194803

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2008-0984Date: (C)2008-02-26   (M)2023-12-22


The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 9.3
Exploit Score: 8.6
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1019510
http://www.securityfocus.com/archive/1/488841/100/0/threaded
BID-28007
SECUNIA-29122
SECUNIA-29153
SECUNIA-29284
SECUNIA-29766
ADV-2008-0682
DSA-1543
GLSA-200803-13
http://www.coresecurity.com/?action=item&id=2147
http://www.videolan.org/security/sa0802.html

CPE    1
cpe:/a:videolan:vlc_media_player
CWE    1
CWE-399
OVAL    2
oval:org.mitre.oval:def:7830
oval:org.secpod.oval:def:16857

© SecPod Technologies