VideoLAN VLC Media Player TY Processing Buffer Overflow

2015年7月21日

Email
Facebook
Twitter
Google+
Linkedin

危険度: : 緊急

CVE識別番号: CVE-2008-4654

概要

Stack-based buffer overflow in the parse_master function in the Ty demux plugin (modules/demux/ty.c) in VLC Media Player 0.9.0 through 0.9.4 allows remote attackers to execute arbitrary code via a TiVo TY media file with a header containing a crafted size value.

トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

対応方法

Trend Micro Deep Security DPI Rule Number: 1003099

Trend Micro Deep Security DPI Rule Name: 1003099 - VideoLAN VLC Media Player TY Processing Buffer Overflow

影響を受けるソフトウェア

videolan vlc_media_player 0.9
videolan vlc_media_player 0.9.1
videolan vlc_media_player 0.9.2
videolan vlc_media_player 0.9.3
videolan vlc_media_player 0.9.4