| Summary: | <media-video/vlc-1.1.6: Integer overflow in Real codec (CVE-2010-3907) | | |
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Tim Sammut (RETIRED) <underling> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | | |
| Severity: | normal | CC: | media-video |
| Priority: | High | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| URL: | http://www.videolan.org/security/sa1007.html | | |
| Whiteboard: | B2 [glsa] | | |
| Package list: | | Runtime testing required: | --- |
| Bug Depends on: | 352206 | | |
| Bug Blocks: | | | |

Description
Tim Sammut (RETIRED)
2011-01-07 06:45:58 UTC
vlc-1.1.6 should fix this

=media-video/vlc-1.1.6 is being stabilized in bug 352206.

(In reply to comment #1)
> vlc-1.1.6 should fix this

Great, thank you. =media-video/vlc-1.1.6 is being stabilized in bug 352206.

CVE-2010-3907 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3907): Multiple integer overflows in real.c in the Real demuxer plugin in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a zero i_subpackets value in a Real Media file, leading to a heap-based buffer overflow.

This issue was resolved and addressed in GLSA 201411-01 at http://security.gentoo.org/glsa/glsa-201411-01.xml by GLSA coordinator Sean Amoss (ackle).