Vulnerability CVE-2008-3732: Information

Description

Integer overflow in the Open function in modules/demux/tta.c in VLC Media Player 0.8.6i allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TTA file, which triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.

Severity: CRITICAL (9.3)

URL: https://nvd.nist.gov/vuln/detail/CVE-2008-3732
Published: Aug. 20, 2008
Modified: Sept. 29, 2017
Error type identifier: CWE-189

References to Advisories, Solutions, and Tools

Hyperlink
Resource
http://www.orange-bat.com/adv/2008/adv.08.16.txt
  • Exploit
30718
    31512
    • Vendor Advisory
    GLSA-200809-06
      4170
        ADV-2008-2394
          vlc-mediaplayer-open-bo(44510)
            6252
              oval:org.mitre.oval:def:14570

                  1. Configuration 1

                    cpe:2.3:a:videolan:vlc_media_player:0.8.6i:*:*:*:*:*:*:*
                VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
                Version: v24.4.2
                Back to top