Candidate: CVE-2008-4686
PublicDate: 2008-10-22 18:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4686
 http://www.videolan.org/security/sa0809.html
Description:
 Multiple integer overflows in ty.c in the TY demux plugin (aka the TiVo
 demuxer) in VideoLAN VLC media player, probably 0.9.4, might allow remote
 attackers to execute arbitrary code via a crafted .ty file, a different
 vulnerability than CVE-2008-4654.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/285922
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502726
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_vlc:
 upstream: http://git.videolan.org/?p=vlc.git;a=commitdiff;h=d859e6b9537af2d7326276f70de25a840f554dc3
upstream_vlc: released (0.9.4-2)
dapper_vlc: ignored (reached end-of-life)
gutsy_vlc: needed (reached end-of-life)
hardy_vlc: not-affected (code not present)
intrepid_vlc: released (0.9.4-1ubuntu3.2)
jaunty_vlc: not-affected (0.9.8a-1ubuntu1)
karmic_vlc: not-affected (0.9.8a-1ubuntu1)
devel_vlc: not-affected (0.9.8a-1ubuntu1)