CVE-2008-5032

EPSS 18.2%

vlc - buffer overflows

Published: 11/10/2008Modified: 4/28/2026

Description

Stack-based buffer overflow in VideoLAN VLC media player 0.5.0 through 0.9.5 might allow user-assisted attackers to execute arbitrary code via the header of an invalid CUE image file, related to modules/access/vcd/cdrom.c. NOTE: this identifier originally included an issue related to RealText, but that issue has been assigned a separate identifier, CVE-2008-5036.

Affected packages (2)

Debian/vlcfrom 0, < 0.8.6.h-5
Debian/vlcfrom 0, < 0.8.6.h-4+lenny2

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-5032