oss-sec mailing list archives
CVE request: VLC bookmark buffer overflow
From: henri () nerv fi
Date: Wed, 2 Mar 2011 23:11:29 +0200
Can I get CVE-identifier for this issue: "VLC media player is vulnerable to a buffer overflow attack when processing .mp3 file and its metadata. It fails to perform boundry checks when creating a bookmark from the malicious media file playing, resulting in a crash, overwriting ECX register. While the evil .mp3 is playing, you go Playback > Bookmarks > Manage bookmarks > Create." References: http://osvdb.org/show/osvdb/62728/printer
Current thread:
- CVE request: VLC bookmark buffer overflow henri (Mar 02)
- Re: CVE request: VLC bookmark buffer overflow Josh Bressers (Mar 03)
- Re: CVE request: VLC bookmark buffer overflow Josh Bressers (Mar 03)
- Re: CVE request: VLC bookmark buffer overflow Henri Salo (Mar 24)
- Re: CVE request: VLC bookmark buffer overflow Steven M. Christey (Mar 28)
- Re: CVE request: VLC bookmark buffer overflow Josh Bressers (Mar 03)
- Re: CVE request: VLC bookmark buffer overflow Josh Bressers (Mar 03)