ID CVE-2008-1769
Summary VLC before 0.8.6f allow remote attackers to cause a denial of service (crash) via a crafted Cinepak file that triggers an out-of-bounds array access and memory corruption.
References
Vulnerable Configurations
  • cpe:2.3:a:videolan:vlc:0.1.99:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.1.99:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.1.99a:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.1.99a:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.1.99b:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.1.99b:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.1.99c:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.1.99c:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.1.99d:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.1.99d:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.1.99e:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.1.99e:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.1.99f:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.1.99f:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.1.99g:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.1.99g:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.1.99h:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.1.99h:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.1.99i:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.1.99i:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.2.50:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.2.50:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.2.60:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.2.60:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.2.61:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.2.61:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.2.62:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.2.62:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.2.63:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.2.63:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.2.70:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.2.70:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.2.71:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.2.71:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.2.72:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.2.72:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.2.73:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.2.73:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.2.80:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.2.80:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.2.81:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.2.81:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.2.82:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.2.82:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.2.83:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.2.83:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.2.90:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.2.90:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.2.91:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.2.91:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.2.92:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.2.92:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.4.3_ac3:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.4.3_ac3:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.4.4:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.4.4:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.4.5:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.4.5:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.4.6:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.4.6:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.8.0:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.8.2:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.8.4:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.8.4:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.8.4a:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.8.4a:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.8.5:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.8.5:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.8.6:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.8.6:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.8.6a:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.8.6a:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.8.6b:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.8.6b:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.8.6c:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.8.6c:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.8.6d:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.8.6d:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.8.6e:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.8.6e:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc:0.8.1337:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc:0.8.1337:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 29-09-2017 - 01:30)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
oval via4
accepted 2012-11-19T04:00:12.300-05:00
class vulnerability
contributors
  • name Shane Shaffer
    organization G2, Inc.
  • name Shane Shaffer
    organization G2, Inc.
definition_extensions
comment VLC media player is installed
oval oval:org.mitre.oval:def:11821
description VLC before 0.8.6f allow remote attackers to cause a denial of service (crash) via a crafted Cinepak file that triggers an out-of-bounds array access and memory corruption.
family windows
id oval:org.mitre.oval:def:14445
status accepted
submitted 2012-01-24T15:20:33.178-04:00
title Denial of service vulnerability in VLC before 0.8.6f
version 6
refmap via4
bid 28904
confirm
gentoo GLSA-200804-25
misc
secunia
  • 29503
  • 29800
vupen ADV-2008-0985
Last major update 29-09-2017 - 01:30
Published 25-04-2008 - 06:05
Last modified 29-09-2017 - 01:30
Back to Top