fkie_cve-2008-1768
Vulnerability from fkie_nvd
Published
2008-04-25 06:05
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple integer overflows in VLC before 0.8.6f allow remote attackers to cause a denial of service (crash) via the (1) MP4 demuxer, (2) Real demuxer, and (3) Cinepak codec, which triggers a buffer overflow.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:videolan:vlc:0.1.99:*:*:*:*:*:*:*",
"matchCriteriaId": "929E49D1-B8F6-4A25-A93F-D8211520ED61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.1.99a:*:*:*:*:*:*:*",
"matchCriteriaId": "B61BB1FD-6D2A-42EA-9824-9A8FD728B4CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.1.99b:*:*:*:*:*:*:*",
"matchCriteriaId": "76DDF802-26C2-437E-BB01-F01209FFE0BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.1.99c:*:*:*:*:*:*:*",
"matchCriteriaId": "546BAE28-5B2A-4856-8B2A-316D9AD2F5A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.1.99d:*:*:*:*:*:*:*",
"matchCriteriaId": "56926B35-987F-4C12-9FBC-61BF7CEE1541",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.1.99e:*:*:*:*:*:*:*",
"matchCriteriaId": "2D8FAE03-C528-4BAD-823E-EEEC4368113D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.1.99f:*:*:*:*:*:*:*",
"matchCriteriaId": "1C5B604B-5A7A-450A-8252-60FDCB114283",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.1.99g:*:*:*:*:*:*:*",
"matchCriteriaId": "78FCD5D6-A4A9-48CD-BD0E-296FD1032907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.1.99h:*:*:*:*:*:*:*",
"matchCriteriaId": "5624A925-C0D8-4E85-9B32-085BB9059FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.1.99i:*:*:*:*:*:*:*",
"matchCriteriaId": "28E35B1D-3191-4E18-B265-ACA736A87645",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60FCBA5D-568F-424B-BFB1-1BA41DB0D6B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.2.50:*:*:*:*:*:*:*",
"matchCriteriaId": "656BBC4D-8569-4A91-87DF-93D053BEEC57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.2.60:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9C7B19-59F4-43FB-8122-AAD36ABDF807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.2.61:*:*:*:*:*:*:*",
"matchCriteriaId": "6E2DB4C0-CCEE-40D6-B227-E00A002D755B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.2.62:*:*:*:*:*:*:*",
"matchCriteriaId": "01BE9872-10B5-466E-BEE4-69B6451076C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.2.63:*:*:*:*:*:*:*",
"matchCriteriaId": "C6125D6E-6416-49E8-8770-5C0590F3FA0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.2.70:*:*:*:*:*:*:*",
"matchCriteriaId": "27122F7C-1D19-41D8-B323-A6941D0DE193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.2.71:*:*:*:*:*:*:*",
"matchCriteriaId": "6068DB81-542B-43F0-9B42-CEA7689F61D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.2.72:*:*:*:*:*:*:*",
"matchCriteriaId": "A009555D-CC59-4C6A-B350-E7F4730F5B7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.2.73:*:*:*:*:*:*:*",
"matchCriteriaId": "3299D365-015F-4A95-80C3-977853E70E1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.2.80:*:*:*:*:*:*:*",
"matchCriteriaId": "47EC751E-FB47-4263-B9ED-FBBAAEA677F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.2.81:*:*:*:*:*:*:*",
"matchCriteriaId": "5BA7C125-989A-4727-9E59-44ACC1750E6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.2.82:*:*:*:*:*:*:*",
"matchCriteriaId": "BC105DEB-DE1F-4183-8A4A-F7E58FBB82C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.2.83:*:*:*:*:*:*:*",
"matchCriteriaId": "521F12A2-7785-48C9-BB11-E91CEF61584F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.2.90:*:*:*:*:*:*:*",
"matchCriteriaId": "25A412BA-A195-4893-B5F8-EE6FC9A53326",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.2.91:*:*:*:*:*:*:*",
"matchCriteriaId": "A6ADA95A-A8B2-4E3E-A3E4-AEA03B14C339",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.2.92:*:*:*:*:*:*:*",
"matchCriteriaId": "F7823310-E6C2-42D6-A0CC-8D2A0CA5EB6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EBE2DF23-1CF5-4371-82EF-7072B0FCC226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2F706E26-E58D-4B5C-98AC-A386BF7ABC24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E19F3E58-0D65-45AF-8024-E3A7CFD05142",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B24956D-A924-40BC-A340-3BE9DD3CCBA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F94AC83A-6790-4E26-A4B8-E2B4394CB3FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DD6F543A-8520-4F13-9C03-9520A6B92944",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.4.3_ac3:*:*:*:*:*:*:*",
"matchCriteriaId": "F3991F10-CFC4-4979-B5D4-F9EFB9992683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "01FC4A5C-5A0A-40CF-891B-97443CC4A367",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6656C05D-4A4B-47DE-9844-308FD98CFF04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8CBF1B20-1478-472C-B9A1-974A7A5333C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C29EDDF9-DE90-4AA7-8454-D42B4C37ECF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "02AF1C9A-FD6F-4CA4-8275-8B7655F861F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5B56B15F-7504-4D55-8C31-1C28F1A8129D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6C6BB497-20F6-4CCB-A24E-7228BE68CA5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D2855B3-D0ED-4C8E-95A0-151E88F95057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "56B90DCE-2EA9-49AA-9F63-0515C751E821",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "34C4F8C4-EEA4-4369-BBC8-C726059C8852",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C2821324-7A44-40CD-95B8-F4B5B09E6D69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4A98AC34-2FAB-4CAE-9D14-B4E11CC2AFB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "347E213C-83AF-4F98-8096-2113E00C1BC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6A26753D-44F2-49F6-8486-1DD61297C037",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "67C2B1C1-1606-411D-A9CA-D1A654FD4133",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "28BBBBAF-71F7-4F47-ADE6-FF7B590832E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5AC67A7B-21E0-45DA-A70F-EE97079140A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.8.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "1062EB82-2A6C-4770-A339-21686FF9E923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA7ECBE-1CAE-47C5-ACC1-F7BBA3946CCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "50A23534-3DF7-422A-B997-1FB16D8564C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.8.6a:*:*:*:*:*:*:*",
"matchCriteriaId": "9E85F765-D2DF-41C0-A90F-732861CA32F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.8.6b:*:*:*:*:*:*:*",
"matchCriteriaId": "26981B0C-6A7E-40BA-8F50-0C19870258FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.8.6c:*:*:*:*:*:*:*",
"matchCriteriaId": "89FAFEE4-35FE-44BE-90DD-1E067A1A2AAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.8.6d:*:*:*:*:*:*:*",
"matchCriteriaId": "686E1C6D-CDE6-4615-B983-3BCDDDE921AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.8.6e:*:*:*:*:*:*:*",
"matchCriteriaId": "6545867A-07ED-4E16-AED0-566C5CCD46FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:videolan:vlc:0.8.1337:*:*:*:*:*:*:*",
"matchCriteriaId": "053BE4FF-4699-42E8-B480-DA2224EC2BDE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in VLC before 0.8.6f allow remote attackers to cause a denial of service (crash) via the (1) MP4 demuxer, (2) Real demuxer, and (3) Cinepak codec, which triggers a buffer overflow."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de enteros en VLC anterior a 0.8.6f, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s del demultiplexador (1) MP4, (2) Real y (3) el codec Cinepak, que inicia el desbordamiento de b\u00fafer."
}
],
"id": "CVE-2008-1768",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-04-25T06:05:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/29503"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/29800"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200804-25.xml"
},
{
"source": "cve@mitre.org",
"url": "http://wiki.videolan.org/Changelog/0.8.6f"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/28903"
},
{
"source": "cve@mitre.org",
"url": "http://www.videolan.org/developers/vlc/NEWS"
},
{
"source": "cve@mitre.org",
"url": "http://www.videolan.org/security/sa0803.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0985"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29800"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200804-25.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.videolan.org/Changelog/0.8.6f"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28903"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.videolan.org/developers/vlc/NEWS"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.videolan.org/security/sa0803.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0985"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14412"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…