Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2008-1768

Multiple integer overflows in VLC before 0.8.6f allow remote attackers to cause a denial of service (crash) via the (1) MP4 demuxer, (2) Real demuxer, and (3) Cinepak codec, which triggers a buffer overflow.

Related bugs and status

CVE-2008-1768 (Candidate) is related to these bugs:

Bug #238873: vlc in Hardy needs a security update

		In	Importance	Status
238873	vlc in Hardy needs a security update	vlc (Ubuntu)	High	Fix Released
238873	vlc in Hardy needs a security update	vlc (Ubuntu Dapper)	Undecided	Invalid
238873	vlc in Hardy needs a security update	vlc (Ubuntu Feisty)	Undecided	Won't Fix
238873	vlc in Hardy needs a security update	vlc (Ubuntu Gutsy)	Undecided	Won't Fix
238873	vlc in Hardy needs a security update	vlc (Ubuntu Intrepid)	High	Fix Released
238873	vlc in Hardy needs a security update	vlc (Ubuntu Hardy)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

GENTOO: GLSA-200804-25
CONFIRM: http://www.videolan.or...
CONFIRM: http://www.videolan.or...
CONFIRM: http://wiki.videolan.o...
BID: 28903
SECUNIA: 29800
SECUNIA: 29503
VUPEN: ADV-2008-0985
OVAL: oval:org.mitre.oval:de...