CVE-2010-3907

描述

Multiple integer overflows in real.c in the Real demuxer plugin in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a zero i_subpackets value in a Real Media file, leading to a heap-based buffer overflow.

受影響套件(1)

• Debian/vlcfrom 0, < 1.1.3-1squeeze1

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-3907