CVE-2008-0984

  1. Yack CVE
  2. Vulnerabilities (CVE)
  3. CVE-2008-0984

9.3 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

T

he MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file.

References
Link Resource
http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060481.html
http://secunia.com/advisories/29122 Vendor Advisory
http://secunia.com/advisories/29153 Vendor Advisory
http://secunia.com/advisories/29284 Vendor Advisory
http://secunia.com/advisories/29766 Vendor Advisory
http://www.coresecurity.com/?action=item&id=2147
http://www.debian.org/security/2008/dsa-1543
http://www.gentoo.org/security/en/glsa/glsa-200803-13.xml
http://www.securityfocus.com/archive/1/488841/100/0/threaded
http://www.securityfocus.com/bid/28007
http://www.securitytracker.com/id?1019510
http://www.videolan.org/security/sa0802.html Patch
http://www.vupen.com/english/advisories/2008/0682 Vendor Advisory
http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060481.html
http://secunia.com/advisories/29122 Vendor Advisory
http://secunia.com/advisories/29153 Vendor Advisory
http://secunia.com/advisories/29284 Vendor Advisory
http://secunia.com/advisories/29766 Vendor Advisory
http://www.coresecurity.com/?action=item&id=2147
http://www.debian.org/security/2008/dsa-1543
http://www.gentoo.org/security/en/glsa/glsa-200803-13.xml
http://www.securityfocus.com/archive/1/488841/100/0/threaded
http://www.securityfocus.com/bid/28007
http://www.securitytracker.com/id?1019510
http://www.videolan.org/security/sa0802.html Patch
http://www.vupen.com/english/advisories/2008/0682 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:miro:miro_player:*:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:*:*:*:*:*:*:*:*
History

21 Nov 2024, 00:43

Type Values Removed Values Added
References () http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060481.html - () http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060481.html -
References () http://secunia.com/advisories/29122 - Vendor Advisory () http://secunia.com/advisories/29122 - Vendor Advisory
References () http://secunia.com/advisories/29153 - Vendor Advisory () http://secunia.com/advisories/29153 - Vendor Advisory
References () http://secunia.com/advisories/29284 - Vendor Advisory () http://secunia.com/advisories/29284 - Vendor Advisory
References () http://secunia.com/advisories/29766 - Vendor Advisory () http://secunia.com/advisories/29766 - Vendor Advisory
References () http://www.coresecurity.com/?action=item&id=2147 - () http://www.coresecurity.com/?action=item&id=2147 -
References () http://www.debian.org/security/2008/dsa-1543 - () http://www.debian.org/security/2008/dsa-1543 -
References () http://www.gentoo.org/security/en/glsa/glsa-200803-13.xml - () http://www.gentoo.org/security/en/glsa/glsa-200803-13.xml -
References () http://www.securityfocus.com/archive/1/488841/100/0/threaded - () http://www.securityfocus.com/archive/1/488841/100/0/threaded -
References () http://www.securityfocus.com/bid/28007 - () http://www.securityfocus.com/bid/28007 -
References () http://www.securitytracker.com/id?1019510 - () http://www.securitytracker.com/id?1019510 -
References () http://www.videolan.org/security/sa0802.html - Patch () http://www.videolan.org/security/sa0802.html - Patch
References () http://www.vupen.com/english/advisories/2008/0682 - Vendor Advisory () http://www.vupen.com/english/advisories/2008/0682 - Vendor Advisory
Information

Published : 2008-02-26 19:44

Updated : 2025-04-09 00:30

NVD link : CVE-2008-0984

Mitre link : CVE-2008-0984

CVE.ORG link : CVE-2008-0984

JSON object : View

Products Affected

miro

videolan

CWE
CWE-399

Resource Management Errors