Search CVE reports
131 – 140 of 149 results
CVE-2008-1769
Low prioritySome fixes available 1 of 4
VLC before 0.8.6f allow remote attackers to cause a denial of service (crash) via a crafted Cinepak file that triggers an out-of-bounds array access and memory corruption.
1 affected packages
vlc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
vlc | — | — | — | — | — |
CVE-2008-1768
Low prioritySome fixes available 1 of 4
Multiple integer overflows in VLC before 0.8.6f allow remote attackers to cause a denial of service (crash) via the (1) MP4 demuxer, (2) Real demuxer, and (3) Cinepak codec, which triggers a buffer overflow.
1 affected packages
vlc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
vlc | — | — | — | — | — |
CVE-2008-1881
Medium prioritySome fixes available 4 of 7
Stack-based buffer overflow in the ParseSSA function (modules/demux/subtitle.c) in VLC 0.8.6e allows remote attackers to execute arbitrary code via a long subtitle in an SSA file. NOTE: this issue is due to an incomplete fix for...
1 affected packages
vlc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
vlc | — | — | — | — | — |
CVE-2008-1686
Medium prioritySome fixes available 32 of 47
Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows...
8 affected packages
gst-plugins-good0.10, libfishsound, speex, sweep, vlc...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
gst-plugins-good0.10 | — | — | — | — | — |
libfishsound | — | — | — | — | — |
speex | — | — | — | — | — |
sweep | — | — | — | — | — |
vlc | — | — | — | — | — |
vorbis-tools | — | — | — | — | — |
xine-lib | — | — | — | — | — |
xmms-speex | — | — | — | — | — |
CVE-2008-1489
Medium prioritySome fixes available 4 of 5
Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c for VLC 0.8.6e allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MP4 RDRF box that triggers a heap-based...
1 affected packages
vlc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
vlc | — | — | — | — | — |
CVE-2008-0073
Medium prioritySome fixes available 11 of 24
Array index error in the sdpplin_parse function in input/libreal/sdpplin.c in xine-lib 1.1.10.1 allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter.
3 affected packages
mplayer, vlc, xine-lib
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
mplayer | — | — | — | — | — |
vlc | — | — | — | — | — |
xine-lib | — | — | — | — | — |
CVE-2008-0984
Medium priorityThe MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file.
1 affected packages
vlc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
vlc | — | — | — | — | — |
CVE-2007-6684
Low prioritySome fixes available 4 of 8
The RTSP module in VideoLAN VLC 0.8.6d allows remote attackers to cause a denial of service (crash) via a request without a Transport parameter, which triggers a NULL pointer dereference.
1 affected packages
vlc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
vlc | — | — | — | — | — |
CVE-2007-6683
Low prioritySome fixes available 4 of 8
The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via (1) the :demuxdump-file option in a filename in a playlist, or (2) a EXTVLCOPT statement in an MP3 file, possibly an argument...
1 affected packages
vlc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
vlc | — | — | — | — | — |
CVE-2007-6682
Medium prioritySome fixes available 4 of 8
Format string vulnerability in the httpd_FileCallBack function (network/httpd.c) in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via format string specifiers in the Connection parameter.
1 affected packages
vlc
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
vlc | — | — | — | — | — |