CVE-2008-3732

Priority
Low
Description
Integer overflow in the Open function in modules/demux/tta.c in VLC Media
Player 0.8.6i allows remote attackers to cause a denial of service
(application crash) or possibly execute arbitrary code via a crafted TTA
file, which triggers a heap-based buffer overflow. NOTE: some of these
details are obtained from third party information.
References
Package
Source: vlc (LP Ubuntu Debian)
Upstream:released (0.8.6.h-2)
Ubuntu 8.04 LTS (Hardy Heron):released (0.8.6.release.e+x264svn20071224+faad2.6.1-0ubuntu3.2)
Ubuntu 10.04 LTS (Lucid Lynx):not-affected (0.9.4-1ubuntu2)
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:19:01 UTC (commit 5347)