VLC Media Player buffer overflow - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

VLC Media Player buffer overflow
updated since 03.01.2007
Published: 21.01.2007
Source: MILW0RM
SecurityVulns ID: 6990
Type: client
Level: 5/10
Description: Buffer overflow on oversized udp:// URI during M3U file parsing.

Affected: XINE : xine 0.99
VLC : VLC Media Player 0.8
CVE: CVE-2007-0256 (VideoLAN VLC 0.8.6a allows remote attackers to cause a denial of service (application crash) via a crafted .wmv file.)
CVE-2007-0255 (XINE 0.99.4 allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain M3U file that contains a long #EXTINF line and contains format string specifiers in an invalid udp:// URI, possibly a variant of CVE-2007-0017.)
CVE-2007-0017 (Multiple format string vulnerabilities in (1) the cdio_log_handler function in modules/access/cdda/access.c in the CDDA (libcdda_plugin) plugin, and the (2) cdio_log_handler and (3) vcd_log_handler functions in modules/access/vcdx/access.c in the VCDX (libvcdx_plugin) plugin, in VideoLAN VLC 0.7.0 through 0.8.6 allow user-assisted remote attackers to execute arbitrary code via format string specifiers in an invalid URI, as demonstrated by a udp://-- URI in an M3U file.)

Original document MOAB, MOAB-02-01-2007: VLC Media Player udp:// Format String Vulnerability (21.01.2007)

Files: Exploits VLC Player for OSX to execute arbitrary code
Exploits VLC Player for OSX to execute arbitrary code (PPC)
VLC media player 0.8.6a Denial of Service
Discuss: Read or add your comments to this news (0 comments)

test server