CVE-2008-1881

Priority
Medium
Description
Stack-based buffer overflow in the ParseSSA function
(modules/demux/subtitle.c) in VLC 0.8.6e allows remote attackers to execute
arbitrary code via a long subtitle in an SSA file. NOTE: this issue is due
to an incomplete fix for CVE-2007-6681.
References
Package
Source: vlc (LP Ubuntu Debian)
Upstream:needs-triage
More Information

Updated: 2017-12-14 19:42:00 UTC (commit 13907)