Published: 16/01/2008 Updated: 29/09/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Heap-based buffer overflow in the libaccess_realrtsp plugin in VideoLAN VLC Media Player 0.8.6d and previous versions on Windows might allow remote RTSP servers to cause a denial of service (application crash) or execute arbitrary code via a long string.

Vulnerable Product	Search on Vulmon	Subscribe to Product
videolan vlc_media_player

Debian Bug report logs - #461544 vlc: CVE-2008-029[5,6] multiple vulnerabilities in embedded xine copy Package: vlc; Maintainer for vlc is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Source for vlc is src:vlc (PTS, buildd, popcon) Reported by: Nico Golde <nion@debianorg> Date: Sat, 19 Jan 200 ...

#!/usr/bin/python # # Kantaris 034 Media Player Local Buffer Overflow [0day!] # # The following exploit will make a filmssa file, # just rename the file with the name of your movie, and use your imagination # to pwn! :) # Shellcode is local bind shell, just telnet to port:4444 to get command prompt :) # # BIG thanks to muts <muts[at]offensi ...

CWE-119 http://aluigi.altervista.org/adv/vlcxhof-adv.txt http://www.gentoo.org/security/en/glsa/glsa-200803-13.xml http://secunia.com/advisories/29284 http://www.debian.org/security/2008/dsa-1543 http://secunia.com/advisories/29766 http://www.vupen.com/english/advisories/2008/0105 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14597 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=461544 https://nvd.nist.gov https://www.exploit-db.com/exploits/5498/

CVE-2008-0296

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect