Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list] 
Date: Fri, 18 Sep 2009 01:21:09 +0200
From: Alex Legler <a3li@...too.org>
To: oss-security <oss-security@...ts.openwall.com>
Subject: CVE request: VLC -- Stack-based buffer overflows in three demuxers

Hey,

just caught this at Secunia [1], can we please get a CVE?

"Some vulnerabilities have been reported in VLC Media Player, which can
be exploited by malicious people to potentially compromise a user's
system.

1) A boundary error exists within the "ASF_ObjectDumpDebug()" function
in modules/demux/asf/libasf.c. This can be exploited to cause a
stack-based buffer overflow via a specially crafted ASF file.

2) A boundary error exists within the "AVI_ChunkDumpDebug_level()"
function in modules/demux/avi/libavi.c. This can be exploited to cause
a stack-based buffer overflow via a specially crafted AVI file.

3) A boundary error exists within the "__MP4_BoxDumpStructure()"
function in modules/demux/mp4/libmp4.c. This can be exploited to cause
a stack-based buffer overflow via a specially crafted MP4 file."

Commits containing the fixes:

1)
http://git.videolan.org/?p=vlc.git;a=commit;h=dfe7084e8cc64e9b7a87cd37065b59cba2064823

2)
http://git.videolan.org/?p=vlc.git;a=commit;h=861e374d03e6c60c7d3c98428c632fe3b9e371b2

3)
http://git.videolan.org/?p=vlc.git;a=commit;h=c5b02d011b8c634d041167f4d2936b55eca4d18d

Thanks,
Alex

[1] http://secunia.com/advisories/36762/

Download attachment "signature.asc" of type "application/pgp-signature" (199 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.