CVE-2008-5276

Description

Integer overflow in the ReadRealIndex function in real.c in the Real demuxer plugin in VideoLAN VLC media player 0.9.0 through 0.9.7 allows remote attackers to execute arbitrary code via a malformed RealMedia (.rm) file that triggers a heap-based buffer overflow.

Affected packages (1)

• Debian/vlcfrom 0, < 0.9.8a-1

References (1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-5276