VideoLAN VLC Media Player XSPF Memory Corruption

2015年7月21日

Email
Facebook
Twitter
Google+
Linkedin

危険度: : 中

CVE識別番号: CVE-2008-4558

概要

Array index error in VLC media player 0.9.2 allows remote attackers to overwrite arbitrary memory and execute arbitrary code via an XSPF playlist file with a negative identifier tag, which passes a signed comparison.

トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

対応方法

Trend Micro Deep Security DPI Rule Number: 1002982

Trend Micro Deep Security DPI Rule Name: 1002982 - VideoLAN VLC Media Player XSPF Memory Corruption

影響を受けるソフトウェア

videolan vlc_media_player 0.9.2