Showing 1 - 4 of 4

CVE-2007-0017

Status Candidate

Overview

Multiple format string vulnerabilities in (1) the cdio_log_handler function in modules/access/cdda/access.c in the CDDA (libcdda_plugin) plugin, and the (2) cdio_log_handler and (3) vcd_log_handler functions in modules/access/vcdx/access.c in the VCDX (libvcdx_plugin) plugin, in VideoLAN VLC 0.7.0 through 0.8.6 allow user-assisted remote attackers to execute arbitrary code via format string specifiers in an invalid URI, as demonstrated by a udp://-- URI in an M3U file.

Related Files

Debian Linux Security Advisory 1252-1: Posted Jan 29, 2007; Authored by Debian | Site debian.org; Debian Security Advisory 1252-1 - Kevin Finisterre discovered several format string problems in vlc, a multimedia player and streamer, that could lead to the execution of arbitrary code.; tags | advisory, arbitrary; systems | linux, debian; advisories | CVE-2007-0017; SHA-256 | b0db124c8561325792c13a5af9c131d5054868d9821503f2946b24f92ead5191; Download | Favorite | View

SUSE-SA-2007-013.txt: Posted Jan 27, 2007; Site suse.com; SUSE Security Announcement - This update fixes several format string bugs that can be exploited remotely with user-assistance to execute arbitrary code. Since SUSE Linux version 10.1 format string bugs are not exploitable anymore.; tags | advisory, arbitrary; systems | linux, suse; advisories | CVE-2007-0017; SHA-256 | 6b2bdc550586e6a5f63c1230ceb748d9bd167167f804ebd60469a4d9b58e1adc; Download | Favorite | View

VLCMediaSlayer-ppc.pl.txt: Posted Jan 4, 2007; Authored by Kevin Finisterre, LMH | Site projects.info-pull.com; Month Of Apple Bugs - A vulnerability in the handling of the udp:// URL handler for the VLC Media Player allows remote arbitrary code execution. This is just a vanilla format string exploit for OSX on ppc.; tags | exploit, remote, arbitrary, udp, code execution, ppc; systems | apple; advisories | CVE-2007-0017; SHA-256 | eee494f2f67e54b963758dd0fa93937a50e35597b8d00f31b63f7f421bb37406; Download | Favorite | View

VLCMediaSlayer-x86.pl.txt: Posted Jan 4, 2007; Authored by Kevin Finisterre, LMH | Site projects.info-pull.com; Month Of Apple Bugs - A vulnerability in the handling of the udp:// URL handler for the VLC Media Player allows remote arbitrary code execution. This exploit will create a malicious .m3u file that will cause VLC Player for OSX to execute arbitrary code.; tags | exploit, remote, arbitrary, udp, code execution; systems | apple; advisories | CVE-2007-0017; SHA-256 | 4a8563fe447682266c5981ff8f4f4eb1e3e5a7ac789b3d0b1ce506d8981cf777; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 220 files
indoushka 88 files
Ubuntu 84 files
Gentoo 36 files
Jasper Nota 25 files
Debian 20 files
Willem Westerhof 19 files
Jim Blankendaal 11 files
Martijn Baalman 9 files
Apple 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,098)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,567)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,715)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,486)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,742)
UNIX (9,435)
UnixWare (187)
Windows (6,672)
Other

CVE-2007-0017

Overview

Related Files

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems