Computer Security

CVE-2008-2430
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



CVECVE-2008-2430
StatusCandidate
DescriptionInteger overflow in the Open function in modules/demux/wav.c in VLC Media Player 0.8.6h on Windows allows remote attackers to execute arbitrary code via a large fmt chunk in a WAV file.
SeverityHigh
CVSS score9,3
CVSS vector(AV:N/AC:M/Au:N/C:C/I:C/A:C)
PhaseAssigned (27.01.2012)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2430
ReferencesBID : 30058
 BUGTRAQ : 20080702 Secunia Research: VLC Media Player WAV Processing Integer Overflow
 CONFIRM : http://www.videolan.org/developers/vlc/NEWS
 GENTOO : GLSA-200807-13
 MISC : http://secunia.com/secunia_research/2008-29/advisory/
 SECTRACK : 1020429
 SECUNIA : 30601
 SECUNIA : 31317
 SREASON : 3976
 VUPEN : ADV-2008-1995
SecurityVulns:VLC Media Player integer overflow
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server