9.3

CVE-2008-3732

Exploit
Integer overflow in the Open function in modules/demux/tta.c in VLC Media Player 0.8.6i allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TTA file, which triggers a heap-based buffer overflow.  NOTE: some of these details are obtained from third party information.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
VideolanVlc Media Player Version0.8.6i
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 13.43% 0.959
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/31512
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200809-06.xml
http://securityreason.com/securityalert/4170
http://www.orange-bat.com/adv/2008/adv.08.16.txt
Exploit
http://www.securityfocus.com/bid/30718
http://www.vupen.com/english/advisories/2008/2394
https://exchange.xforce.ibmcloud.com/vulnerabilities/44510
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14570
https://www.exploit-db.com/exploits/6252