CVE-2010-3907
Publication date 3 January 2011
Last updated 24 July 2024
Ubuntu priority
Multiple integer overflows in real.c in the Real demuxer plugin in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a zero i_subpackets value in a Real Media file, leading to a heap-based buffer overflow.
Status
Package | Ubuntu Release | Status |
---|---|---|
vlc | 11.04 natty |
Not affected
|
10.10 maverick |
Fixed 1.1.4-1ubuntu1.2
|
|
10.04 LTS lucid |
Fixed 1.0.6-1ubuntu1.2
|
|
9.10 karmic | Ignored end of life | |
8.04 LTS hardy | Ignored end of life | |
6.06 LTS dapper | Ignored end of life |
Patch details
Package | Patch details |
---|---|
vlc |