Debian VLC vulnerabilities

141 known vulnerabilities affecting debian/vlc.

Total CVEs: 141
CISA KEV: 0
Public exploits: 41
Exploited in wild: 0
Severity breakdown: CRITICAL 14, HIGH 44, MEDIUM 41, LOW 42

Vulnerabilities

Page 5 of 8
CVE-2011-3623 | HIGH | CVSS 7.5 | fixed in vlc 1.1.3-1 (bookworm) | 2011
CVE-2011-3623 [HIGH] vlc - Multiple stack-based buffer overflows in VideoLAN VLC media player before 1.0.2 allow remote attackers to execute arbitrary code via (1) a crafted ASF file, related to the ASF_ObjectDumpDebug function in modules/demux/asf/libasf.c; (2) a crafted AVI file, related to the AVI_ChunkDumpDebug_level function in modules/demux/avi/libavi.c; or (3) a crafted MP4 file, related to
debian
CVE-2011-0531 | MEDIUM | CVSS 9.3 | PoC | fixed in vlc 1.1.7-1 (bookworm) | 2011
CVE-2011-0531 [CRITICAL] vlc - demux/mkv/mkv.hpp in the MKV demuxer plugin in VideoLAN VLC media player 1.1.6.1 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary commands via a crafted MKV (WebM or Matroska) file that triggers memory corruption, related to "class mismatching" and the MKV_IS_ID macro. Scope: local bookworm: resolved (fixed in 1.1.7-1) bul
debian
CVE-2011-0522 | MEDIUM | CVSS 6.8 | PoC | fixed in vlc 1.1.3-1squeeze2 (bookworm) | 2011
CVE-2011-0522 [MEDIUM] vlc - The StripTags function in (1) the USF decoder (modules/codec/subtitles/subsdec.c) and (2) the Text decoder (modules/codec/subtitles/subsusf.c) in VideoLAN VLC Media Player 1.1 before 1.1.6-rc allows remote attackers to execute arbitrary code via a subtitle with an opening "" in an MKV file, which triggers heap memory corruption, as demonstrated using refined-australia-b
debian
CVE-2011-2588 | MEDIUM | CVSS 6.8 | fixed in vlc 1.1.11-1 (bookworm) | 2011
CVE-2011-2588 [MEDIUM] vlc - Heap-based buffer overflow in the AVI_ChunkRead_strf function in libavi.c in the AVI demuxer in VideoLAN VLC media player before 1.1.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted AVI media file. Scope: local bookworm: resolved (fixed in 1.1.11-1) bullseye: resolved (fixed in 1.1.11-1) forky:
debian
CVE-2011-1684 | MEDIUM | CVSS 6.8 | fixed in vlc 1.1.8-3 (bookworm) | 2011
CVE-2011-1684 [MEDIUM] vlc - Heap-based buffer overflow in the MP4_ReadBox_skcr function in libmp4.c in the MP4 demultiplexer in VideoLAN VLC media player 1.x before 1.1.9 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted MP4 file. Scope: local bookworm: resolved (fixed in 1.1.8-3) bullseye: resolved (fixed in 1.1.8-3) forky: r
debian
CVE-2011-2587 | MEDIUM | CVSS 6.8 | fixed in vlc 1.1.11-1 (bookworm) | 2011
CVE-2011-2587 [MEDIUM] vlc - Heap-based buffer overflow in the DemuxAudioSipr function in real.c in the RealMedia demuxer in VideoLAN VLC media player 1.1.x before 1.1.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Real Media file. Scope: local bookworm: resolved (fixed in 1.1.11-1) bullseye: resolved (fixed in 1.1.11-1)
debian
CVE-2011-1087 | LOW | CVSS 7.6 | fixed in vlc 1.1.10-1 (bookworm) | 2011
CVE-2011-1087 [HIGH] vlc - Buffer overflow in VideoLAN VLC media player 1.0.5 allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .mp3 file that is played during bookmark creation. Scope: local bookworm: resolved (fixed in 1.1.10-1) bullseye: resolved (fixed in 1.1.10-1) forky: resolved (fixed
debian
CVE-2010-3276 | CRITICAL | CVSS 9.3 | fixed in vlc 1.1.8-1 (bookworm) | 2010
CVE-2010-3276 [CRITICAL] vlc - libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an NSV file. Scope: local bookworm: resolved (fixed in 1.1.8-1) bullseye: resolved (fixed in 1.1.8-1) forky: resolved (fixed in 1.1.8-1) sid: resolved (fixed in 1.1.8-1) trixie: resolved (fixed in 1.1.8-1)
debian
CVE-2010-3275 | CRITICAL | CVSS 9.3 | PoC | fixed in vlc 1.1.8-1 (bookworm) | 2010
CVE-2010-3275 [CRITICAL] vlc - libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an AMV file, related to a "dangling pointer vulnerability." Scope: local bookworm: resolved (fixed in 1.1.8-1) bullseye: resolved (fixed in 1.1.8-1) forky: resolved (fixed in 1.1.8-1) sid: resolved (fixed in 1.1.8-1) trixie: resolved
debian
CVE-2010-3907 | CRITICAL | CVSS 9.3 | fixed in vlc 1.1.3-1squeeze1 (bookworm) | 2010
CVE-2010-3907 [CRITICAL] vlc - Multiple integer overflows in real.c in the Real demuxer plugin in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a zero i_subpackets value in a Real Media file, leading to a heap-based buffer overflow. Scope: local bookworm: resolved (fixed in 1.1.3-1squeeze1) bulls
debian
CVE-2010-1441 | HIGH | CVSS 7.5 | fixed in vlc 1.0.6-1 (bookworm) | 2010
CVE-2010-1441 [HIGH] vlc - Multiple heap-based buffer overflows in VideoLAN VLC media player before 1.0.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted byte stream to the (1) A/52, (2) DTS, or (3) MPEG Audio decoder. Scope: local bookworm: resolved (fixed in 1.0.6-1) bullseye: resolved (fixed in 1.0.6-1) forky: resolved (fix
debian
CVE-2010-1444 | HIGH | CVSS 7.5 | fixed in vlc 1.0.6-1 (bookworm) | 2010
CVE-2010-1444 [HIGH] vlc - The ZIP archive decompressor in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly execute arbitrary code via a crafted archive. Scope: local bookworm: resolved (fixed in 1.0.6-1) bullseye: resolved (fixed in 1.0.6-1) forky: resolved (fixed in 1.0.6-1) sid: resolved (fixed i
debian
CVE-2010-1442 | HIGH | CVSS 7.5 | fixed in vlc 1.0.6-1 (bookworm) | 2010
CVE-2010-1442 [HIGH] vlc - VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly execute arbitrary code via a crafted byte stream to the (1) AVI, (2) ASF, or (3) Matroska (aka MKV) demuxer. Scope: local bookworm: resolved (fixed in 1.0.6-1) bullseye: resolved (fixed in 1.0.6-1) forky: resolved (fixed in
debian
CVE-2010-1445 | HIGH | CVSS 7.5 | fixed in vlc 1.0.6-1 (bookworm) | 2010
CVE-2010-1445 [HIGH] vlc - Heap-based buffer overflow in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted byte stream in an RTMP session. Scope: local bookworm: resolved (fixed in 1.0.6-1) bullseye: resolved (fixed in 1.0.6-1) forky: resolved (fixed in 1.0.6-1) sid: resolved (fixed in 1.0
debian
CVE-2010-2937 | MEDIUM | CVSS 5.0 | fixed in vlc 1.1.3-1 (bookworm) | 2010
CVE-2010-2937 [MEDIUM] vlc - The ReadMetaFromId3v2 function in taglib.cpp in the TagLib plugin in VideoLAN VLC media player 0.9.0 through 1.1.2 does not properly process ID3v2 tags, which allows remote attackers to cause a denial of service (application crash) via a crafted media file. Scope: local bookworm: resolved (fixed in 1.1.3-1) bullseye: resolved (fixed in 1.1.3-1) forky: resolved (fixed in
debian
CVE-2010-2062 | MEDIUM | CVSS 7.5 | fixed in mplayer 2:1.0~rc3+svn20100502-3 (bookworm) | 2010
CVE-2010-2062 [HIGH] mplayer - Integer underflow in the real_get_rdt_chunk function in real.c, as used in modules/access/rtsp/real.c in VideoLAN VLC media player before 1.0.1 and stream/realrtsp/real.c in MPlayer before r29447, allows remote attackers to execute arbitrary code via a crafted length value in an RDT chunk header. Scope: local bookworm: resolved (fixed in 2:1.0~rc3+svn20100502-3) bulls
debian
CVE-2010-0364 | LOW | CVSS 9.3 | PoC | fixed in vlc 0.8.6.c-4.1 (bookworm) | 2010
CVE-2010-0364 [CRITICAL] vlc - Stack-based buffer overflow in VideoLAN VLC Media Player 0.8.6 allows user-assisted remote attackers to execute arbitrary code via an ogg file with a crafted Advanced SubStation Alpha Subtitle (.ass) file, probably involving the Dialogue field. Scope: local bookworm: resolved (fixed in 0.8.6.c-4.1) bullseye: resolved (fixed in 0.8.6.c-4.1) forky: resolved (fixed in 0.
debian
CVE-2010-1443 | LOW | CVSS 5.0 | fixed in vlc 1.0.6-1 (bookworm) | 2010
CVE-2010-1443 [MEDIUM] vlc - The parse_track_node function in modules/demux/playlist/xspf.c in the XSPF playlist parser in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty location element in an XML Shareable Playlist Format (XSPF) document. Scope: local bookworm: resolved (fixed in 1.0.6-1) bul
debian
CVE-2010-3124 | LOW | CVSS 9.3 | PoC | 2010
CVE-2010-3124 [CRITICAL] vlc - Untrusted search path vulnerability in bin/winvlc.c in VLC Media Player 1.1.3 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll that is located in the same folder as a .mp3 file. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixi
debian
CVE-2009-1274 | LOW | CVSS 5.0 | 2009
CVE-2009-1274 [MEDIUM] vlc - Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resol
debian