Schweregrad:: Kritisch
  CVE Kennungen:: CVE-2008-5276
  Hinweisdatum: 21 Juli 2015

  Beschreibung

Integer overflow in the ReadRealIndex function in real.c in the Real demuxer plugin in VideoLAN VLC media player 0.9.0 through 0.9.7 allows remote attackers to execute arbitrary code via a malformed RealMedia (.rm) file that triggers a heap-based buffer overflow.

  Trend Micro Lösungen

Apply associated Trend Micro DPI Rules.

  Lösungen

  Trend Micro Deep Security DPI Rule Number: 1003201
  Trend Micro Deep Security DPI Rule Name: 1003201 - VideoLAN VLC real.c ReadRealIndex Real Demuxer Integer Overflow

  Betroffene Software und Version:

  • videolan vlc_media_player 0.9.0
  • videolan vlc_media_player 0.9.1
  • videolan vlc_media_player 0.9.2
  • videolan vlc_media_player 0.9.3
  • videolan vlc_media_player 0.9.4
  • videolan vlc_media_player 0.9.5
  • videolan vlc_media_player 0.9.6
  • videolan vlc_media_player 0.9.7
  • videolan vlc_media_player 0.9.8