oval:org.mitre.oval:def:8254

Definition Id: oval:org.mitre.oval:def:8254

Oval ID:	oval:org.mitre.oval:def:8254
Title:	DSA-1819 vlc -- several vulnerabilities
Description:	Several vulnerabilities have been discovered in vlc, a multimedia player and streamer. The Common Vulnerabilities and Exposures project identifies the following problems: Drew Yao discovered that multiple integer overflows in the MP4 demuxer, Real demuxer and Cinepak codec can lead to the execution of arbitrary code. Drew Yao discovered that the Cinepak codec is prone to a memory corruption, which can be triggered by a crafted Cinepak file. Luigi Auriemma discovered that it is possible to execute arbitrary code via a long subtitle in an SSA file. It was discovered that vlc is prone to a search path vulnerability, which allows local users to perform privilege escalations. Alin Rad Pop discovered that it is possible to execute arbitrary code when opening a WAV file containing a large fmt chunk. Pinar Yanarda discovered that it is possible to execute arbitrary code when opening a crafted mmst link. Tobias Klein discovered that it is possible to execute arbitrary code when opening a crafted .ty file. Tobias Klein discovered that it is possible to execute arbitrary code when opening an invalid CUE image file with a crafted header.
Family:	unix	Class:	patch
Reference(s):	DSA-1819 CVE-2008-1768 CVE-2008-1769 CVE-2008-1881 CVE-2008-2147 CVE-2008-2430 CVE-2008-3794 CVE-2008-4686 CVE-2008-5032	Version:	5
Platform(s):	Debian GNU/Linux 4.0	Product(s):	vlc
Definition Synopsis:
Debian GNU/Linux 4.0 is installed. Architecture section Architecture independent section Installed architecture is all AND Packages section wxvlc is earlier than 0.8.6-svn20061012.debian-5.1+etch3 AND vlc-plugin-alsa is earlier than 0.8.6-svn20061012.debian-5.1+etch3 AND vlc-plugin-arts is earlier than 0.8.6-svn20061012.debian-5.1+etch3 AND vlc is earlier than 0.8.6-svn20061012.debian-5.1+etch3 AND mozilla-plugin-vlc is earlier than 0.8.6-svn20061012.debian-5.1+etch3 AND vlc-plugin-ggi is earlier than 0.8.6-svn20061012.debian-5.1+etch3 AND vlc-plugin-esd is earlier than 0.8.6-svn20061012.debian-5.1+etch3 AND libvlc0-dev is earlier than 0.8.6-svn20061012.debian-5.1+etch3 AND libvlc0 is earlier than 0.8.6-svn20061012.debian-5.1+etch3 AND vlc-nox is earlier than 0.8.6-svn20061012.debian-5.1+etch3 AND vlc-plugin-sdl is earlier than 0.8.6-svn20061012.debian-5.1+etch3 OR Architecture dependent section Installed architecture is i386 AND Packages section vlc-plugin-glide is earlier than 0.8.6-svn20061012.debian-5.1+etch3 AND vlc-plugin-svgalib is earlier than 0.8.6-svn20061012.debian-5.1+etch3

Definition Id: oval:org.mitre.oval:def:6461

Oval ID:	oval:org.mitre.oval:def:6461
Title:	Debian GNU/Linux 4.0 is installed.
Description:	Debian GNU/Linux 4.0 (etch) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:4.0	Version:	9
Platform(s):	Debian GNU/Linux 4.0	Product(s):
Definition Synopsis:
Debian GNU/Linux 4.0 is installed
Referenced By:
oval:org.mitre.oval:def:8254

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0367s

Facebook rss twitter linkedin mail