Detections
Analytics

CVE-2008-0984

high

Description

The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file.

References

http://www.vupen.com/english/advisories/2008/0682

http://www.videolan.org/security/sa0802.html

http://www.securitytracker.com/id?1019510

http://www.securityfocus.com/bid/28007

http://www.securityfocus.com/archive/1/488841/100/0/threaded

http://www.gentoo.org/security/en/glsa/glsa-200803-13.xml

http://www.debian.org/security/2008/dsa-1543

http://www.coresecurity.com/?action=item&id=2147

http://secunia.com/advisories/29766

http://secunia.com/advisories/29284

http://secunia.com/advisories/29153

http://secunia.com/advisories/29122

http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060481.html

Details

Source: Mitre, NVD

Published: 2008-02-26

Updated: 2018-10-15

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High