VideoLAN VLC real.c ReadRealIndex Real Demuxer Integer Overflow
Schweregrad: : Crítico
Identificador(es) CVE: : CVE-2008-5276
Data do informe: 21 julho 2015
Descrição
Integer overflow in the ReadRealIndex function in real.c in the Real demuxer plugin in VideoLAN VLC media player 0.9.0 through 0.9.7 allows remote attackers to execute arbitrary code via a malformed RealMedia (.rm) file that triggers a heap-based buffer overflow.
Exposição das informações
Apply associated Trend Micro DPI Rules.
Solução
Trend Micro Deep Security DPI Rule Number: 1003201
Trend Micro Deep Security DPI Rule Name: 1003201 - VideoLAN VLC real.c ReadRealIndex Real Demuxer Integer Overflow
Software infectado e versão:
- videolan vlc_media_player 0.9.0
- videolan vlc_media_player 0.9.1
- videolan vlc_media_player 0.9.2
- videolan vlc_media_player 0.9.3
- videolan vlc_media_player 0.9.4
- videolan vlc_media_player 0.9.5
- videolan vlc_media_player 0.9.6
- videolan vlc_media_player 0.9.7
- videolan vlc_media_player 0.9.8