VideoLAN VLC real.c ReadRealIndex Real Demuxer Integer Overflow
Gravedad: Crítico
Identificadores de CVE : CVE-2008-5276
Fecha recomendada: 21 de julio de 2015
Descripción
Integer overflow in the ReadRealIndex function in real.c in the Real demuxer plugin in VideoLAN VLC media player 0.9.0 through 0.9.7 allows remote attackers to execute arbitrary code via a malformed RealMedia (.rm) file that triggers a heap-based buffer overflow.
Revelación de la información
Apply associated Trend Micro DPI Rules.
Soluciones
Trend Micro Deep Security DPI Rule Number: 1003201
Trend Micro Deep Security DPI Rule Name: 1003201 - VideoLAN VLC real.c ReadRealIndex Real Demuxer Integer Overflow
Software y versión afectados
- videolan vlc_media_player 0.9.0
- videolan vlc_media_player 0.9.1
- videolan vlc_media_player 0.9.2
- videolan vlc_media_player 0.9.3
- videolan vlc_media_player 0.9.4
- videolan vlc_media_player 0.9.5
- videolan vlc_media_player 0.9.6
- videolan vlc_media_player 0.9.7
- videolan vlc_media_player 0.9.8