CVE-2008-5036

EPSS 68.7%

Published: 11/10/2008Modified: 4/28/2026

Also known as:DEBIAN-CVE-2008-5036

Description

Stack-based buffer overflow in VideoLAN VLC media player 0.9.x before 0.9.6 might allow user-assisted attackers to execute arbitrary code via an an invalid RealText (rt) subtitle file, related to the ParseRealText function in modules/demux/subtitle.c. NOTE: this issue was SPLIT from CVE-2008-5032 on 20081110.

Affected packages (1)

Debian/vlcfrom 0, < 1.0.3-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-5036