Bug#502726: libty_plugin: vlc: exploitable buffer overflow in TY demux
Nico Golde
nion at debian.org
Sun Oct 19 16:28:39 UTC 2008
Hi Remi,
* Remi Denis-Courmont <rdenis at simphalempin.com> [2008-10-19 17:44]:
> VLC versions 0.8.2 through 0.9.4 are prone to an exploitable
> stack-based buffer overflow in the TY (TiVo) file parser.
>
> See also http://www.videolan.org/security/sa0809.html
are you sure that this is the case in 0.8.6.h-4?
>
> N.B.: please give me the CVE ID if you allocate one.
I requested a CVE id and will forward it to you then.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
More information about the pkg-multimedia-maintainers
mailing list