CVE-2008-3794

NONECVSS 0.0

0.0

Integer signedness error in the mms_ReceiveCommand function in modules/access/mms/mmstu.c in VLC Media Player 0.8.6i allows remote attackers to execute arbitrary code via a crafted mmst link with a negative size value, which bypasses a size check and triggers an integer overflow followed by a heap-based buffer overflow.

🔗 References (20)

cve@mitrehttp://mailman.videolan.org/pipermail/vlc-devel/2008-August/048488.html
cve@mitrehttp://security.gentoo.org/glsa/glsa-200809-06.xml
cve@mitrehttp://securityreason.com/securityalert/4190
cve@mitrehttp://www.openwall.com/lists/oss-security/2008/08/24/3
cve@mitrehttp://www.orange-bat.com/adv/2008/adv.08.24.txt
cve@mitrehttp://www.securityfocus.com/bid/30806
cve@mitrehttp://www.securitytracker.com/id?1020759
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/44659
cve@mitrehttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14531
cve@mitrehttps://www.exploit-db.com/exploits/6293
af854a3a-2127-422b-91ae-364da2661108http://mailman.videolan.org/pipermail/vlc-devel/2008-August/048488.html
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200809-06.xml
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/4190
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2008/08/24/3
af854a3a-2127-422b-91ae-364da2661108http://www.orange-bat.com/adv/2008/adv.08.24.txt

Is Your Infrastructure Affected by CVE-2008-3794?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2008-3794

📅 Published

🔄 Last Modified

🔗 References (20)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2008-3794?