diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
commit | 4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch) | |
tree | ba5f07bf3f9d22d82e54a462313f5d244036c768 /metadata/glsa/glsa-200803-13.xml |
reinit the tree, so we can have metadata
Diffstat (limited to 'metadata/glsa/glsa-200803-13.xml')
-rw-r--r-- | metadata/glsa/glsa-200803-13.xml | 97 |
1 files changed, 97 insertions, 0 deletions
diff --git a/metadata/glsa/glsa-200803-13.xml b/metadata/glsa/glsa-200803-13.xml new file mode 100644 index 000000000000..747ef86a5a32 --- /dev/null +++ b/metadata/glsa/glsa-200803-13.xml @@ -0,0 +1,97 @@ +<?xml version="1.0" encoding="utf-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="200803-13"> + <title>VLC: Multiple vulnerabilities</title> + <synopsis> + Multiple vulnerabilities were found in VLC, allowing for the execution of + arbitrary code and Denial of Service. + </synopsis> + <product type="ebuild">vlc</product> + <announced>2008-03-07</announced> + <revised>2008-03-07: 01</revised> + <bug>203345</bug> + <bug>211575</bug> + <bug>205299</bug> + <access>remote</access> + <affected> + <package name="media-video/vlc" auto="yes" arch="*"> + <unaffected range="ge">0.8.6e</unaffected> + <vulnerable range="lt">0.8.6e</vulnerable> + </package> + </affected> + <background> + <p> + VLC is a cross-platform media player and streaming server. + </p> + </background> + <description> + <p> + Multiple vulnerabilities were found in VLC: + </p> + <ul> + <li>Michal Luczaj + and Luigi Auriemma reported that VLC contains boundary errors when + handling subtitles in the ParseMicroDvd(), ParseSSA(), and + ParseVplayer() functions in the modules/demux/subtitle.c file, allowing + for a stack-based buffer overflow (CVE-2007-6681).</li> + <li>The web + interface listening on port 8080/tcp contains a format string error in + the httpd_FileCallBack() function in the network/httpd.c file + (CVE-2007-6682).</li> + <li>The browser plugin possibly contains an + argument injection vulnerability (CVE-2007-6683).</li> + <li>The RSTP + module triggers a NULL pointer dereference when processing a request + without a "Transport" parameter (CVE-2007-6684).</li> + <li>Luigi + Auriemma and Remi Denis-Courmont found a boundary error in the + modules/access/rtsp/real_sdpplin.c file when processing SDP data for + RTSP sessions (CVE-2008-0295) and a vulnerability in the + libaccess_realrtsp plugin (CVE-2008-0296), possibly resulting in a + heap-based buffer overflow.</li> + <li>Felipe Manzano and Anibal Sacco + (Core Security Technologies) discovered an arbitrary memory overwrite + vulnerability in VLC's MPEG-4 file format parser (CVE-2008-0984).</li> + </ul> + </description> + <impact type="high"> + <p> + A remote attacker could send a long subtitle in a file that a user is + enticed to open, a specially crafted MP4 input file, long SDP data, or + a specially crafted HTTP request with a "Connection" header value + containing format specifiers, possibly resulting in the remote + execution of arbitrary code. Also, a Denial of Service could be caused + and arbitrary files could be overwritten via the "demuxdump-file" + option in a filename in a playlist or via an EXTVLCOPT statement in an + MP3 file. + </p> + </impact> + <workaround> + <p> + There is no known workaround at this time. + </p> + </workaround> + <resolution> + <p> + All VLC users should upgrade to the latest version: + </p> + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=media-video/vlc-0.8.6e"</code> + </resolution> + <references> + <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6681">CVE-2007-6681</uri> + <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6682">CVE-2007-6682</uri> + <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6683">CVE-2007-6683</uri> + <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6684">CVE-2007-6684</uri> + <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0295">CVE-2008-0295</uri> + <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0296">CVE-2008-0296</uri> + <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0984">CVE-2008-0984</uri> + </references> + <metadata tag="submitter" timestamp="2008-03-05T21:55:08Z"> + keytoaster + </metadata> + <metadata tag="bugReady" timestamp="2008-03-07T18:42:04Z"> + p-y + </metadata> +</glsa> |