VideoLAN VLC real.c ReadRealIndex Real Demuxer Integer Overflow
Gravité: : Critique
Identifiant(s) CVE: : CVE-2008-5276
Date du conseil: 21 juillet 2015
Description
Integer overflow in the ReadRealIndex function in real.c in the Real demuxer plugin in VideoLAN VLC media player 0.9.0 through 0.9.7 allows remote attackers to execute arbitrary code via a malformed RealMedia (.rm) file that triggers a heap-based buffer overflow.
Information Exposure Rating:
Apply associated Trend Micro DPI Rules.
Solutions
Trend Micro Deep Security DPI Rule Number: 1003201
Trend Micro Deep Security DPI Rule Name: 1003201 - VideoLAN VLC real.c ReadRealIndex Real Demuxer Integer Overflow
Affected software and version:
- videolan vlc_media_player 0.9.0
- videolan vlc_media_player 0.9.1
- videolan vlc_media_player 0.9.2
- videolan vlc_media_player 0.9.3
- videolan vlc_media_player 0.9.4
- videolan vlc_media_player 0.9.5
- videolan vlc_media_player 0.9.6
- videolan vlc_media_player 0.9.7
- videolan vlc_media_player 0.9.8