Is affected the system:
VideoLAN VLC Media Player 0.8.6h
Not affected system:
VideoLAN VLC Media Player 0.8.6i
Description:
--------------------------------------------------------------------------------
BUGTRAQ ID: 30058
CVE(CAN) ID: CVE-2008-2430
VLC Media Player is a section of free media player.
VLC media player modules/demux/wav.c in document Open() function existence integer overflow crack, if the user were deceived opens had ultra long fmt block WAV document, will trigger piles the overflow, caused to carry out the random order.
<* origin: Alin Rad Pop
Link: http://secunia.com/secunia_research/2008-29/advisory/
http://www.videolan.org/developers/vlc/NEWS
*>
Suggested:
--------------------------------------------------------------------------------
Manufacturer patch:
VideoLAN
--------
At present the manufacturer had already issued the promotion patch repairs this security problem, welcome to manufacturer main page downloading:
https://trac.videolan.org/vlc/changeset/3de60bf5b886ad81d7c05d68dff7a1ba461c0ac1
|