[vlc-devel] CVE-2008-3732
Rémi Denis-Courmont
rem at videolan.org
Thu Aug 21 18:03:49 CEST 2008
Hello,

Some asocial pirate going by the nickname of "g_" has found and published a
buffer overflow vulnerability in the TTA file parser a few days ago. Now,
there is nothing wrong with looking for vulnerabilities in VLC. But there is
something wrong when you go to Bugtraq and do not even contact us - *at*all*
(not even afterwards). Oh and the CVE guys have assigned a CVE candidate
number without even contacting us either...

Note that the actual buffer overflow will cause VLC to try to write a very
large amount of data. Hence it seems very unlikely to result in code
execution, as VLC will eventually read out of bounds and trigger a
segmentation fault first. Since there are quite many ways to crash VLC with a
corrupted input file starving VLC for memory, this is hence not a very big
deal. Anyway, the fixes are in both the 0.9.0 master and 0.8.6-bugfix source code
branches already.

Anyway, big shame on Pawel Kinski or whatever that irresponsible despicable g_
person's real name happens to be.

Regards to everyone else,
--
Rémi Denis-Courmont