CVE-2008-3794
Published 2008-08-26
Priority P346 · medium · 6.8 CVSS 2.0
AV:N/AC:M/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 11.04% (95.4th percentile)
Integer signedness error in the mms_ReceiveCommand function in modules/access/mms/mmstu.c in VLC Media Player 0.8.6i allows remote attackers to execute arbitrary code via a crafted mmst link with a negative size value, which bypasses a size check and triggers an integer overflow followed by a heap-based buffer overflow.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | vlc | < vlc 0.8.6.h-4 (bookworm) | vlc 0.8.6.h-4 (bookworm) |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | >= 0 < 0.8.6.h-4 | 0.8.6.h-4 |
| videolan | vlc_media_player | >= 0 < 0.8.6.h-4 | 0.8.6.h-4 |
| videolan | vlc_media_player | >= 0 < 0.8.6.h-4 | 0.8.6.h-4 |
| videolan | vlc_media_player | >= 0 < 0.8.6.h-4 | 0.8.6.h-4 |
CVSS provenance
nvd · v2.0 · 6.8 MEDIUM · AV:N/AC:M/Au:N/C:P/I:P/A:P
osv · 6.8 MEDIUM
vendor_debian · 6.8 MEDIUM
GHSA
GHSA-6q3h-pc9x-4hhc: Integer signedness error in the mms_ReceiveCommand function in modules/access/mms/mmstu
ghsa_unreviewed·2022-05-02
CVE-2008-3794 [MEDIUM] GHSA-6q3h-pc9x-4hhc: Integer signedness error in the mms_ReceiveCommand function in modules/access/mms/mmstu
OSV
CVE-2008-3794: Integer signedness error in the mms_ReceiveCommand function in modules/access/mms/mmstu
osv·2008-08-26·CVSS 6.8
CVE-2008-3794 [MEDIUM] CVE-2008-3794: Integer signedness error in the mms_ReceiveCommand function in modules/access/mms/mmstu
Debian
CVE-2008-3794: vlc - Integer signedness error in the mms_ReceiveCommand function in modules/access/mm...
vendor_debian·2008·CVSS 6.8
CVE-2008-3794 [MEDIUM] CVE-2008-3794: vlc - Integer signedness error in the mms_ReceiveCommand function in modules/access/mm...
Scope: local
bookworm: resolved (fixed in 0.8.6.h-4)
bullseye: resolved (fixed in 0.8.6.h-4)
forky: resolved (fixed in 0.8.6.h-4)
sid: resolved (fixed in 0.8.6.h-4)
trixie: resolved (fixed in 0.8.6.h-4)
No detection rules found.
No writeups or analysis indexed.
http://mailman.videolan.org/pipermail/vlc-devel/2008-August/048488.html
http://security.gentoo.org/glsa/glsa-200809-06.xml
http://securityreason.com/securityalert/4190
http://www.openwall.com/lists/oss-security/2008/08/24/3
http://www.orange-bat.com/adv/2008/adv.08.24.txt
http://www.securityfocus.com/bid/30806
http://www.securitytracker.com/id?1020759
https://exchange.xforce.ibmcloud.com/vulnerabilities/44659
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14531
https://www.exploit-db.com/exploits/6293