9.3
CVE-2008-4686
- EPSS 9.94%
- Veröffentlicht 22.10.2008 18:00:01
- Zuletzt bearbeitet 16.06.2026 22:58:18
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Multiple integer overflows in ty.c in the TY demux plugin (aka the TiVo demuxer) in VideoLAN VLC media player, probably 0.9.4, might allow remote attackers to execute arbitrary code via a crafted .ty file, a different vulnerability than CVE-2008-4654.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Videolan ≫ Vlc Media Player Version0.9.0
Videolan ≫ Vlc Media Player Version0.9.1
Videolan ≫ Vlc Media Player Version0.9.2
Videolan ≫ Vlc Media Player Version0.9.3
Videolan ≫ Vlc Media Player Version0.9.4
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 9.94% | 0.95 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
http://www.openwall.com/lists/oss-security/2008/10/19/2
http://git.videolan.org/?p=vlc.git%3Ba=commitdiff%3Bh=d859e6b9537af2d7326276f70de25a840f554dc3
http://www.openwall.com/lists/oss-security/2008/10/22/6
http://www.securityfocus.com/bid/31867
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14630