[vlc-devel] sdpplin_parse() Array Indexing Buffer Overflow Exploit PoC

Pavlov Konstantin thresh at altlinux.ru
Wed Mar 26 12:32:54 CET 2008

On Wed, Mar 26, 2008 at 12:28:55PM +0100, hannes_b at gmx.at wrote:
> Pavlov Konstantin wrote:
>> On Wed, Mar 26, 2008 at 11:58:34AM +0100, hannes_b at gmx.at wrote:
>>> http://www.milw0rm.com/exploits/5307
>>> # milw0rm.com [2008-03-25]
>> Please don't spam the mailing list with offtopic.
>> If you're referring to CVE-2008-0073, it is already fixed.
> if so what are you guys waiting for? release 0.8.6.f!
> should the people still use unsafe software?
> it is now a big issue on heise.de the biggest german speaking it site.

There is some work (security-related as well) still to be done to release

I am more bored than you could ever possibly be.  Go back to work.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://mailman.videolan.org/pipermail/vlc-devel/attachments/20080326/596cfad8/attachment.sig>

More information about the vlc-devel mailing list