CVE-2008-4686

EPSS 8.3%

vlc - integer overflows

Published: 10/22/2008Modified: 4/28/2026

Description

Multiple integer overflows in ty.c in the TY demux plugin (aka the TiVo demuxer) in VideoLAN VLC media player, probably 0.9.4, might allow remote attackers to execute arbitrary code via a crafted .ty file, a different vulnerability than CVE-2008-4654.

Affected packages (2)

Debian/vlcfrom 0, < 0.8.6.h-4.1
Debian/vlcfrom 0, < 0.8.6.h-4+lenny1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-4686