Bug#461544: vlc: CVE-2008-0296 arbitrary code execution via crafted RTSP server
Nico Golde
nion at debian.org
Mon Jan 21 12:56:28 UTC 2008
retitle 461544 vlc: CVE-2008-029[5,6] multiple vulnerabilities in embedded xine copy
thanks
Hi Christophe,
* Christophe Mutricy <xtophe at nxtelevision.com> [2008-01-21 11:41]:
> > I contacted upstream for a patch of this.
>
> Hmmm, your mail hasn't reached us (or was mistakenly deleted in moderation
> or I haven't looked well enough)
Strange, glad to see that you follow the bug tracker.
> Anyway, here's a patch:
> http://trac.videolan.org/vlc/changeset/24440
Thanks!
> > [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0296
> Btw, there is also CVE-2008-0295 but I don't really see the difference
> between 295 and 296 as they refer to the same advisory of Luigi Auriemma
Yes this was still on our TODO list :)
CVE-2008-0295[0]:
| Heap-based buffer overflow in modules/access/rtsp/real_sdpplin.c in
| the Xine library, as used in VideoLAN VLC Media Player 0.8.6d and
| earlier, allows user-assisted remote attackers to cause a denial of
| service (crash) or execute arbitrary code via long Session Description
| Protocol (SDP) data.
Mitre usually splits different vulnerabilities to different
CVE ids.
Kind regards
Nico
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0295
http://security-tracker.debian.net/tracker/CVE-2008-0295
--
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.