[vlc-devel] sdpplin_parse() Array Indexing Buffer Overflow Exploit PoC
Pavlov Konstantin
thresh at altlinux.ru
Wed Mar 26 12:32:54 CET 2008
On Wed, Mar 26, 2008 at 12:28:55PM +0100, hannes_b at gmx.at wrote:
> Pavlov Konstantin wrote:
>> On Wed, Mar 26, 2008 at 11:58:34AM +0100, hannes_b at gmx.at wrote:
>>> http://www.milw0rm.com/exploits/5307
>>>
>>> # milw0rm.com [2008-03-25]
>> Please don't spam the mailing list with offtopic.
>> If you're referring to CVE-2008-0073, it is already fixed.
>
> if so what are you guys waiting for? release 0.8.6.f!
>
> should the people still use unsafe software?
>
> it is now a big issue on heise.de the biggest german speaking it site.
There is some work (security-related as well) still to be done to release
0.8.6f.
--
I am more bored than you could ever possibly be. Go back to work.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://mailman.videolan.org/pipermail/vlc-devel/attachments/20080326/596cfad8/attachment.sig>
More information about the vlc-devel
mailing list