Debian Vlc vulnerabilities

CVE-2008-1769 [MEDIUM] CVE-2008-1769: vlc - VLC before 0.8.6f allow remote attackers to cause a denial of service (crash) vi... VLC before 0.8.6f allow remote attackers to cause a denial of service (crash) via a crafted Cinepak file that triggers an out-of-bounds array access and memory corruption. Scope: local bookworm: resolved (fixed in 0.8.6.e-2.1) bullseye: resolved (fixed in 0.8.6.e-2.1) forky: resolved (fixed in 0.8.6.e-2.1) sid: resolved (fixed in 0.8.6.e-2.1) trixie: resolved (fixed in

CVE-2008-4654 [CRITICAL] CVE-2008-4654: vlc - Stack-based buffer overflow in the parse_master function in the Ty demux plugin ... Stack-based buffer overflow in the parse_master function in the Ty demux plugin (modules/demux/ty.c) in VLC Media Player 0.9.0 through 0.9.4 allows remote attackers to execute arbitrary code via a TiVo TY media file with a header containing a crafted size value. Scope: local bookworm: resolved (fixed in 1.0.3-1) bullseye: resolved (fixed in 1.0.3-1) forky: resolved (f

CVE-2008-5248 [MEDIUM] CVE-2008-5248: vlc - xine-lib before 1.1.15 allows remote attackers to cause a denial of service (cra... xine-lib before 1.1.15 allows remote attackers to cause a denial of service (crash) via "MP3 files with metadata consisting only of separators." Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2008-2147 [MEDIUM] CVE-2008-2147: vlc - Untrusted search path vulnerability in VideoLAN VLC before 0.9.0 allows local us... Untrusted search path vulnerability in VideoLAN VLC before 0.9.0 allows local users to execute arbitrary code via a malicious library under the modules/ or plugins/ subdirectories of the current working directory. Scope: local bookworm: resolved (fixed in 0.8.6.e-2.2) bullseye: resolved (fixed in 0.8.6.e-2.2) forky: resolved (fixed in 0.8.6.e-2.2) sid: resolved (fixed i

CVE-2008-5276 [CRITICAL] CVE-2008-5276: vlc - Integer overflow in the ReadRealIndex function in real.c in the Real demuxer plu... Integer overflow in the ReadRealIndex function in real.c in the Real demuxer plugin in VideoLAN VLC media player 0.9.0 through 0.9.7 allows remote attackers to execute arbitrary code via a malformed RealMedia (.rm) file that triggers a heap-based buffer overflow. Scope: local bookworm: resolved (fixed in 0.9.8a-1) bullseye: resolved (fixed in 0.9.8a-1) forky: resolved

CVE-2007-3467 [HIGH] CVE-2007-3467: vlc - Integer overflow in the __status_Update function in stats.c VideoLAN VLC Media P... Integer overflow in the __status_Update function in stats.c VideoLAN VLC Media Player before 0.8.6c allows remote attackers to cause a denial of service (crash) via a WAV file with a large sample rate. Scope: local bookworm: resolved (fixed in 0.8.6.c-1) bullseye: resolved (fixed in 0.8.6.c-1) forky: resolved (fixed in 0.8.6.c-1) sid: resolved (fixed in 0.8.6.c-1) trixie:

CVE-2007-3468 [HIGH] CVE-2007-3468: vlc - input.c in VideoLAN VLC Media Player before 0.8.6c allows remote attackers to ca... input.c in VideoLAN VLC Media Player before 0.8.6c allows remote attackers to cause a denial of service (crash) via a crafted WAV file that causes an uninitialized i_nb_resamplers variable to be used. Scope: local bookworm: resolved (fixed in 0.8.6.c.debian-1) bullseye: resolved (fixed in 0.8.6.c.debian-1) forky: resolved (fixed in 0.8.6.c.debian-1) sid: resolved (fixed i

CVE-2007-6682 [HIGH] CVE-2007-6682: vlc - Format string vulnerability in the httpd_FileCallBack function (network/httpd.c)... Format string vulnerability in the httpd_FileCallBack function (network/httpd.c) in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via format string specifiers in the Connection parameter. Scope: local bookworm: resolved (fixed in 0.8.6.c-4.1) bullseye: resolved (fixed in 0.8.6.c-4.1) forky: resolved (fixed in 0.8.6.c-4.1) sid: resolved (fixed in 0.

CVE-2007-3316 [CRITICAL] CVE-2007-3316: vlc - Multiple format string vulnerabilities in plugins in VideoLAN VLC Media Player b... Multiple format string vulnerabilities in plugins in VideoLAN VLC Media Player before 0.8.6c allow remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in (1) an Ogg/Vorbis file, (2) an Ogg/Theora file, (3) a CDDB entry for a CD Digital Audio (CDDA) file, or (4) Service Announce Protocol (SAP) multicast packets.

CVE-2007-6684 [MEDIUM] CVE-2007-6684: vlc - The RTSP module in VideoLAN VLC 0.8.6d allows remote attackers to cause a denial... The RTSP module in VideoLAN VLC 0.8.6d allows remote attackers to cause a denial of service (crash) via a request without a Transport parameter, which triggers a NULL pointer dereference. Scope: local bookworm: resolved (fixed in 0.8.6.c-4.1) bullseye: resolved (fixed in 0.8.6.c-4.1) forky: resolved (fixed in 0.8.6.c-4.1) sid: resolved (fixed in 0.8.6.c-4.1) trixie: res

CVE-2007-0017 [MEDIUM] CVE-2007-0017: vlc - Multiple format string vulnerabilities in (1) the cdio_log_handler function in m... Multiple format string vulnerabilities in (1) the cdio_log_handler function in modules/access/cdda/access.c in the CDDA (libcdda_plugin) plugin, and the (2) cdio_log_handler and (3) vcd_log_handler functions in modules/access/vcdx/access.c in the VCDX (libvcdx_plugin) plugin, in VideoLAN VLC 0.7.0 through 0.8.6 allow user-assisted remote attackers to execute arbitrary c

CVE-2007-6683 [MEDIUM] CVE-2007-6683: vlc - The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite a... The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via (1) the :demuxdump-file option in a filename in a playlist, or (2) a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability. Scope: local bookworm: resolved (fixed in 0.8.6.c-4.1) bullseye: resolved (fixed in 0.8.6.c-4.1) forky: resolved (fixed in

CVE-2007-6262 [MEDIUM] CVE-2007-6262: vlc - A certain ActiveX control in axvlc.dll in VideoLAN VLC 0.8.6 before 0.8.6d allow... A certain ActiveX control in axvlc.dll in VideoLAN VLC 0.8.6 before 0.8.6d allows remote attackers to execute arbitrary code via crafted arguments to the (1) addTarget, (2) getVariable, or (3) setVariable function, resulting from a "bad initialized pointer," aka a "recursive plugin release vulnerability." Scope: local bookworm: resolved bullseye: resolved forky: resolve

CVE-2007-0256 [HIGH] CVE-2007-0256: vlc - VideoLAN VLC 0.8.6a allows remote attackers to cause a denial of service (applic... VideoLAN VLC 0.8.6a allows remote attackers to cause a denial of service (application crash) via a crafted .wmv file. Scope: local bookworm: resolved (fixed in 0.8.6.c-1) bullseye: resolved (fixed in 0.8.6.c-1) forky: resolved (fixed in 0.8.6.c-1) sid: resolved (fixed in 0.8.6.c-1) trixie: resolved (fixed in 0.8.6.c-1)

CVE-2007-6681 [HIGH] CVE-2007-6681: vlc - Stack-based buffer overflow in modules/demux/subtitle.c in VideoLAN VLC 0.8.6d a... Stack-based buffer overflow in modules/demux/subtitle.c in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via a long subtitle in a (1) MicroDvd, (2) SSA, and (3) Vplayer file. Scope: local bookworm: resolved (fixed in 0.8.6.c-4.1) bullseye: resolved (fixed in 0.8.6.c-4.1) forky: resolved (fixed in 0.8.6.c-4.1) sid: resolved (fixed in 0.8.6.c-4.1) tr

CVE-2006-1664 [HIGH] CVE-2006-1664: vlc - Buffer overflow in xine_list_delete_current in libxine 1.14 and earlier, as dist... Buffer overflow in xine_list_delete_current in libxine 1.14 and earlier, as distributed in xine-lib 1.1.1 and earlier, allows remote attackers to execute arbitrary code via a crafted MPEG stream. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2005-4048 [HIGH] CVE-2005-4048: ffmpeg - Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) ... Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as (1) mplayer, (2) xine-lib, (3) Xmovie, and (4) GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes. Scope: local bookworm: resolved (fixed in 0.cvs20050918-5.1) bullseye:

CVE-2004-1476 [MEDIUM] CVE-2004-1476: libcdio - Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through ... Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib 1-rc2 through 1-rc5, as derived from libcdio, allows attackers to execute arbitrary code via a VideoCD with an unterminated disk label. Scope: local bookworm: resolved (fixed in 0.69) bullseye: resolved (fixed in 0.69) forky: resolved (fixed in 0.69) sid: resolved (fixed in 0.69) trixie: resolved (fix

CVE-2004-1475 [MEDIUM] CVE-2004-1475: vlc - Multiple stack-based buffer overflows in xine-lib 1-rc2 through 1-rc5 allow atta... Multiple stack-based buffer overflows in xine-lib 1-rc2 through 1-rc5 allow attackers to execute arbitrary code via (1) long VideoCD vcd:// MRLs or (2) long subtitle lines. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2004-1300 [CRITICAL] CVE-2004-1300: vlc - Buffer overflow in the open_aiff_file function in demux_aiff.c for xine-lib (lib... Buffer overflow in the open_aiff_file function in demux_aiff.c for xine-lib (libxine) 1-rc7 allows remote attackers to execute arbitrary code via a crafted AIFF file. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved