Home

CVE-2008-5036

Description

Stack-based buffer overflow in VideoLAN VLC media player 0.9.x before 0.9.6 might allow user-assisted attackers to execute arbitrary code via an an invalid RealText (rt) subtitle file, related to the ParseRealText function in modules/demux/subtitle.c. NOTE: this issue was SPLIT from CVE-2008-5032 on 20081110.

Risk Information

Base Score
8.8
MODERATE
Vector
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
66.452

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities affected in VLC Media Player (X64) 0.9.5Windows
Multiple vulnerabilities affected in VLC Media Player 0.9.5Windows
Multiple Vulnerabilities are affected in VLC Media Player (MSI) (x64) 0.9.2Windows
Multiple Vulnerabilities are affected in VLC media player (MSI) 0.9.2Windows
Multiple Vulnerabilities are affected in VLC Media Player (MSI) (x64) 0.9Windows
Multiple Vulnerabilities are affected in VLC Media Player (MSI) (x64) 0.9.1Windows
Multiple Vulnerabilities are affected in VLC Media Player (MSI) (x64) 0.9.3Windows
Multiple Vulnerabilities are affected in VLC Media Player (MSI) (x64) 0.9.4Windows
Multiple Vulnerabilities are affected in VLC media player (MSI) 0.9Windows
Multiple Vulnerabilities are affected in VLC media player (MSI) 0.9.1Windows
Multiple Vulnerabilities are affected in VLC media player (MSI) 0.9.3Windows
Multiple Vulnerabilities are affected in VLC media player (MSI) 0.9.4Windows
Multiple Vulnerabilities are affected in VLC Media Player (MSI) (x64) 0.9.0Windows
Multiple Vulnerabilities are affected in VLC media player (MSI) 0.9.0Windows
Multiple Vulnerabilities are affected in VLC Media Player (MSI) (x64) 0.9.5Windows
Multiple Vulnerabilities are affected in VLC media player (MSI) 0.9.5Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-339135VLC Media Player (X64) (3.0.21)
PATCH-339134VLC Media Player (3.0.21)
PATCH-334048VLC media player (MSI) (x64) (3.0.20.0)
PATCH-334050VLC media player (MSI) (3.0.20.0)
PATCH-334048VLC media player (MSI) (x64) (3.0.20.0)
PATCH-334048VLC media player (MSI) (x64) (3.0.20.0)
PATCH-334048VLC media player (MSI) (x64) (3.0.20.0)
PATCH-334048VLC media player (MSI) (x64) (3.0.20.0)
PATCH-334050VLC media player (MSI) (3.0.20.0)
PATCH-334050VLC media player (MSI) (3.0.20.0)
PATCH-334050VLC media player (MSI) (3.0.20.0)
PATCH-334050VLC media player (MSI) (3.0.20.0)
PATCH-334048VLC media player (MSI) (x64) (3.0.20.0)
PATCH-334050VLC media player (MSI) (3.0.20.0)
PATCH-334048VLC media player (MSI) (x64) (3.0.20.0)
PATCH-334050VLC media player (MSI) (3.0.20.0)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234