CVE-2008-4654

EPSS 82.1%

Published: 10/22/2008Modified: 4/28/2026

Also known as:DEBIAN-CVE-2008-4654

Description

Stack-based buffer overflow in the parse_master function in the Ty demux plugin (modules/demux/ty.c) in VLC Media Player 0.9.0 through 0.9.4 allows remote attackers to execute arbitrary code via a TiVo TY media file with a header containing a crafted size value.

Affected packages (1)

Debian/vlcfrom 0, < 1.0.3-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-4654