[vlc-devel] CVE-2009-1045 VLC 0.9.8a DoS (crash) and possibly arbitrary code execution

Jean-Baptiste Kempf jb at videolan.org
Tue Mar 24 22:56:37 CET 2009


On Tue, Mar 24, 2009 at 06:26:02PM +0100, Ján iankko Lieskovský wrote :
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1045
> Checked it affects VLC 0.9.8a (but didn't try the latest git version).
> PoC is available here: http://www.milw0rm.com/exploits/8213
> Could you please address this flaw?
This was already addressed in :

> P.S.: Is there some dedicated e-mail address to report potential security issues in VLC other
> from this one?

videolan@ or security@

Best Regards,

Jean-Baptiste Kempf

More information about the vlc-devel mailing list