CVE Vulnerabilities

CVE-2007-3316

Published: Jun 21, 2007 | Modified: Oct 16, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

Multiple format string vulnerabilities in plugins in VideoLAN VLC Media Player before 0.8.6c allow remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in (1) an Ogg/Vorbis file, (2) an Ogg/Theora file, (3) a CDDB entry for a CD Digital Audio (CDDA) file, or (4) Service Announce Protocol (SAP) multicast packets.

Affected Software

Name Vendor Start Version End Version
Vlc_media_player Videolan 0.8.6a (including) 0.8.6a (including)
Vlc_media_player Videolan 0.8.6b (including) 0.8.6b (including)
Vlc Ubuntu dapper *
Vlc Ubuntu devel *
Vlc Ubuntu edgy *
Vlc Ubuntu feisty *
Vlc Ubuntu gutsy *
Vlc Ubuntu hardy *
Vlc Ubuntu intrepid *
Vlc Ubuntu jaunty *
Vlc Ubuntu karmic *

References