9.3
CVE-2008-5032
- EPSS 10.67%
- Veröffentlicht 10.11.2008 16:15:12
- Zuletzt bearbeitet 16.06.2026 22:59:07
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Stack-based buffer overflow in VideoLAN VLC media player 0.5.0 through 0.9.5 might allow user-assisted attackers to execute arbitrary code via the header of an invalid CUE image file, related to modules/access/vcd/cdrom.c. NOTE: this identifier originally included an issue related to RealText, but that issue has been assigned a separate identifier, CVE-2008-5036.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Videolan ≫ Vlc Media Player Version0.5.0
Videolan ≫ Vlc Media Player Version0.5.3
Videolan ≫ Vlc Media Player Version0.6.0
Videolan ≫ Vlc Media Player Version0.6.2
Videolan ≫ Vlc Media Player Version0.7.0
Videolan ≫ Vlc Media Player Version0.7.1
Videolan ≫ Vlc Media Player Version0.7.1a
Videolan ≫ Vlc Media Player Version0.7.2
Videolan ≫ Vlc Media Player Version0.7.2 Updatetest2
Videolan ≫ Vlc Media Player Version0.7.2 Updatetest3
Videolan ≫ Vlc Media Player Version0.8.0
Videolan ≫ Vlc Media Player Version0.8.1
Videolan ≫ Vlc Media Player Version0.8.2
Videolan ≫ Vlc Media Player Version0.8.4
Videolan ≫ Vlc Media Player Version0.8.4 Updatetest2
Videolan ≫ Vlc Media Player Version0.8.4a
Videolan ≫ Vlc Media Player Version0.8.5
Videolan ≫ Vlc Media Player Version0.8.5 Updatetest3
Videolan ≫ Vlc Media Player Version0.8.5 Updatetest4
Videolan ≫ Vlc Media Player Version0.8.6
Videolan ≫ Vlc Media Player Version0.8.6a
Videolan ≫ Vlc Media Player Version0.8.6b
Videolan ≫ Vlc Media Player Version0.8.6c
Videolan ≫ Vlc Media Player Version0.8.6d
Videolan ≫ Vlc Media Player Version0.8.6e
Videolan ≫ Vlc Media Player Version0.8.6f
Videolan ≫ Vlc Media Player Version0.8.6g
Videolan ≫ Vlc Media Player Version0.8.6h
Videolan ≫ Vlc Media Player Version0.8.6i
Videolan ≫ Vlc Media Player Version0.9
Videolan ≫ Vlc Media Player Version0.9.0
Videolan ≫ Vlc Media Player Version0.9.1
Videolan ≫ Vlc Media Player Version0.9.2
Videolan ≫ Vlc Media Player Version0.9.3
Videolan ≫ Vlc Media Player Version0.9.4
Videolan ≫ Vlc Media Player Version0.9.5
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 10.67% | 0.952 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://git.videolan.org/?p=vlc.git%3Ba=commitdiff%3Bh=5f63f1562d43f32331006c2c1a61742de031b84d
http://secunia.com/advisories/32569
http://secunia.com/advisories/33315
http://security.gentoo.org/glsa/glsa-200812-24.xml
http://www.openwall.com/lists/oss-security/2008/11/05/4
http://www.openwall.com/lists/oss-security/2008/11/05/5
http://www.openwall.com/lists/oss-security/2008/11/10/13
http://www.securityfocus.com/archive/1/498112/100/0/threaded
http://www.securityfocus.com/bid/32125
http://www.trapkit.de/advisories/TKADV2008-012.txt
http://www.videolan.org/security/sa0810.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/46375
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14798