CVE-2013-4388: vlc
Buffer overflow in the mp4a packetizer (modules/packetizer/mpeg4audio.c) in VideoLAN VLC Media Player before 2.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
•MLIST:[oss-security] 20130930 Re: CVE request: VLC
•URL: http://www.openwall.com/lists/oss-security/2013/10/01/2
•CONFIRM:
http://git.videolan.org/?p=vlc.git;a=commitdiff;h=9794ec1cd268c04c8bca13a5fae15df6594dff3e
•CONFIRM: http://www.videolan.org/developers/vlc-branch/NEWS
•OVAL:oval:org.mitre.oval:def:18086
•URL:
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:18086
•SECTRACK:1029120
•URL: http://www.securitytracker.com/id/1029120
(from redmine: issue id 2496, created on 2013-12-16, closed on 2013-12-18)
- Relations:
- child #2497 (closed)
- child #2498 (closed)
- child #2499 (closed)