9.3

CVE-2008-4686

Multiple integer overflows in ty.c in the TY demux plugin (aka the TiVo demuxer) in VideoLAN VLC media player, probably 0.9.4, might allow remote attackers to execute arbitrary code via a crafted .ty file, a different vulnerability than CVE-2008-4654.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
VideolanVlc Media Player Version0.9.0
VideolanVlc Media Player Version0.9.1
VideolanVlc Media Player Version0.9.2
VideolanVlc Media Player Version0.9.3
VideolanVlc Media Player Version0.9.4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 9.94% 0.95
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.openwall.com/lists/oss-security/2008/10/19/2
http://git.videolan.org/?p=vlc.git%3Ba=commitdiff%3Bh=d859e6b9537af2d7326276f70de25a840f554dc3
http://www.openwall.com/lists/oss-security/2008/10/22/6
http://www.securityfocus.com/bid/31867
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14630