Back to search
CVE-2010-3907
Published: Jan 3, 2011
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple integer overflows in real.c in the Real demuxer plugin in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a zero i_subpackets value in a Real Media file, leading to a heap-based buffer overflow.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
oval:org.mitre.oval:def:13950
vdb-entry
signature
x_refsource_OVAL
ADV-2010-3345
vdb-entry
x_refsource_VUPEN
vlcmediaplayer-realdemuxer-code-exec(64461)
vdb-entry
x_refsource_XF
45632
vdb-entry
x_refsource_BID
http://www.videolan.org/security/sa1007.html
x_refsource_CONFIRM
http://www.cs.brown.edu/people/drosenbe/research.html
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now