Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Wed, 11 Aug 2010 16:21:51 -0400 (EDT)
From: Josh Bressers <bressers@...hat.com>
To: oss-security@...ts.openwall.com, remi@...lab.net
Cc: Rémi Denis-Courmont <rem@...eolan.org>,
        coley <coley@...re.org>
Subject: Re: CVE request: VideoLAN advisory 1004

Please use CVE-2010-2937 for this.

Thanks.

-- 
    JB


----- "Rémi Denis-Courmont" <rem@...eolan.org> wrote:

> Hello,
> 
> Can I get a CVE number for this? Please CC me on replies.
> 
> http://www.videolan.org/security/sa1004.html
> 
> ----8<--------8<--------8<--------8<--------8<--------8<--------8<----
> 
> VideoLAN Security Advisory 1004
> 
> Summary           : Insufficient input validation in VLC TagLib
> plugin
> Date              : August 2011
> Affected versions : VLC media player versions 1.1.2 down to 0.9.0
> ID                : VideoLAN-SA-1004
> CVE reference     : N/A
> 
> Details
> 
> VLC fails to perform sufficient input validation when trying to
> extract some 
> meta-informations about input media through ID3v2 tags. In the failure
> case, 
> VLC attempt dereference an invalid memory address, and a crash will
> ensure.
> 
> Impact
> 
> In the failure case, VLC will dereference a memory address within the
> first 
> page of its process virtual memory. In normal conditions, and on most
> 
> operating systems, this will result in a segmentation fault (a general
> 
> protection fault on Windows), and the process will terminate
> abruptly.
> 
> In most usage scenarii, this will only cause user annoyance.
> 
> Threat mitigation
> 
> Exploitation of this issue requires the user to include a file in its
> playlist 
> or to attempt to open it.
> 
> Workarounds
> 
> The user should refrain from opening files from untrusted third
> parties or 
> accessing untrusted remote sites (or disable the VLC browser plugins),
> until 
> the patch is applied.
> 
> Solution
> 
> VLC media player 1.1.3 [will address] this issue. Patches for VLC
> media player 
> 1.1.x and 1.0.x are available from the corresponding official VLC
> source code 
> repositories.
> 
> Credits
> 
> This vulnerability was reported by FortiGuard Labs.
> 
> References
> 
> The VideoLAN project
>     http://www.videolan.org/ 
> FortiGuard Labs
>     http://www.fortinet.com/ 
> Patch for VLC 1.1.2, 1.1.1, 1.1.0
>     commit 24918843e57c7962e28fcb01845adce82bed6516 
> Patch for VLC 1.0.6
>     commit 22a22e356c9d93993086810b2e25b59b55925b3a 
> 
> ----8<--------8<--------8<--------8<--------8<--------8<--------8<----
> 
> Thanks in advance, best regards,
> 
> -- 
> Rémi Denis-Courmont
> http://git.remlab.net/cgi-bin/gitweb.cgi?p=vlc-courmisch.git;a=summary

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.