Published: 23/03/2009 Updated: 29/09/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

requests/status.xml in VLC 0.9.8a allows remote malicious users to cause a denial of service (stack consumption and crash) via a long input argument in an in_play action.

Vulnerable Product	Search on Vulmon	Subscribe to Product
videolan vlc media player 0.9.8a

Debian Bug report logs - #522170 vlc: CVE-2009-1045 denial of service if web user interface is used Package: vlc; Maintainer for vlc is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Source for vlc is src:vlc (PTS, buildd, popcon) Reported by: Nico Golde <nion@debianorg> Date: Wed, 1 Apr 2009 1 ...

#!/usr/bin/perl ######################################################## ## VLC 098a Web UI Remote Stack Overflow (DoS) by TheLeader ## GreetZ: forumshackingorgil ## TiP oF TEh DaY: Rock on! =] ######################################################## use IO::Socket; my $host = shift || 'localhost'; # Target host my $port = shift || 8080; # ...

CWE-20 http://www.openwall.com/lists/oss-security/2009/03/17/4 http://bugs.gentoo.org/show_bug.cgi?id=262708 http://www.securityfocus.com/bid/34126 https://exchange.xforce.ibmcloud.com/vulnerabilities/49249 https://www.exploit-db.com/exploits/8213 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14357 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522170 https://nvd.nist.gov https://www.exploit-db.com/exploits/8213/

CVE-2009-1045

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect