exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 44 RSS Feed

Files

TKADV2008-010.txt
Posted Oct 21, 2008
Authored by Tobias Klein | Site trapkit.de

The VLC media player contains a stack overflow vulnerability while parsing malformed TiVo ty media files. The vulnerability can be trivially exploited by a (remote) attacker to execute arbitrary code in the context of VLC media player. Versions 0.9.4 and below are affected.

tags | advisory, remote, overflow, arbitrary
SHA-256 | 3d082ad5cd82a028089e95d1402f60f67f5c3ffebc9cd1673006a937b81a57a7

Related Files

Debian Security Advisory 5707-1
Posted Jun 12, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5707-1 - A buffer overflow was discovered in the MMS module of the VLC media player.

tags | advisory, overflow
systems | linux, debian
SHA-256 | 553c64480f66e1d6da6a0dbd03a9bb0004a704108cfb14edfd9dd82463652b90
Debian Security Advisory 5545-1
Posted Nov 13, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5545-1 - An out-of-bounds write was discovered in the MMS demuxer of the VLC media player.

tags | advisory
systems | linux, debian
SHA-256 | 010ec5f0cca9495963605bbb7a4b2141eb9631d1e783564351dc2b0eb76930fc
Debian Security Advisory 5297-1
Posted Dec 7, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5297-1 - A buffer overflow was discovered in the VNC module of the VLC media player, which could result in the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2022-41325
SHA-256 | 1932c3f067fe022922016500edfcf5a3b134777fbe512aa901a245195dd1b232
Debian Security Advisory 5165-1
Posted Jun 28, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5165-1 - Multiple vulnerabilities were discovered in the VLC media player, which could result in the execution of arbitrary code or denial of service if a malformed file is opened.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
SHA-256 | acbe2827ba78d8ac9d9f7d5e78354bc5989b137fc1096e6ef06d2674d2193273
Debian Security Advisory 4834-1
Posted Jan 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4834-1 - Multiple vulnerabilities were discovered in the VLC media player, which could result in the execution of arbitrary code or denial of service if a malformed media file is opened.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2020-26664
SHA-256 | 544bd3fed5024bcefffcb2650cfc527c9dd86b0bc5d1dfb373dfa244f6ba1f62
Debian Security Advisory 4704-1
Posted Jun 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4704-1 - A vulnerability was discovered in the VLC media player, which could result in the execution of arbitrary code or denial of service if a malformed video file is opened.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2020-13428
SHA-256 | 2a557cfcf78c7acd2ec602d5b2e752157487b49f0ffa224afb7182fe571f5b6f
Debian Security Advisory 4671-1
Posted Apr 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4671-1 - Multiple security issues were discovered in the microdns plugin of the VLC media player, which could result in denial of service or potentially the execution of arbitrary code via malicious mDNS packets.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2020-6071, CVE-2020-6072, CVE-2020-6073, CVE-2020-6077, CVE-2020-6078, CVE-2020-6079, CVE-2020-6080
SHA-256 | ef9df0bd2be4dedf52d06e6a738551173e591d33d7bf4295bffdcb2548c9f31f
Debian Security Advisory 4504-1
Posted Aug 21, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4504-1 - Multiple security issues were discovered in the VLC media player, which could result in the execution of arbitrary code or denial of service if a malformed file/stream is processed.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2019-13602, CVE-2019-13962, CVE-2019-14437, CVE-2019-14438, CVE-2019-14498, CVE-2019-14533, CVE-2019-14534, CVE-2019-14535, CVE-2019-14776, CVE-2019-14777, CVE-2019-14778, CVE-2019-14970
SHA-256 | 7b878d2f2aec294af8e8fb3e4880add79989359126d95f4c961652a73bc866aa
Debian Security Advisory 4459-1
Posted Jun 11, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4459-1 - Multiple security issues were discovered in the VLC media player, which could result in the execution of arbitrary code or denial of service if a malformed file/stream is processed.

tags | advisory, denial of service, arbitrary
systems | linux, debian
SHA-256 | 0db3a4b34d64ba82713dffc824475115a6d4b1aaff0aaee269eae97d07837d11
Debian Security Advisory 4366-1
Posted Jan 14, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4366-1 - An integer underflow was discovered in the CAF demuxer of the VLC media player.

tags | advisory
systems | linux, debian
advisories | CVE-2018-19857
SHA-256 | 9b42ce85dee113e384a4f72db80602919d10d2e2a92299845584d92550f98182
Debian Security Advisory 4251-1
Posted Jul 19, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4251-1 - A use-after-free was discovered in the MP4 demuxer of the VLC media player, which could result in the execution of arbitrary code if a malformed media file is played.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2018-11529
SHA-256 | 5253b4c31d0da0c19893d064e2ba6b3b47effeaa41bab133435beffacb724256
Debian Security Advisory 4203-1
Posted May 18, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4203-1 - Hans Jerry Illikainen discovered a type conversion vulnerability in the MP4 demuxer of the VLC media player, which could result in the execution of arbitrary code if a malformed media file is played.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2017-17670
SHA-256 | 1551e89b8993803da7f58d5c3f2ab720f8b71d5d221d8e6b3af8d252bf6dbd8a
Debian Security Advisory 3598-1
Posted Jun 9, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3598-1 - Patrick Coleman discovered that missing input sanitising in the ADPCM decoder of the VLC media player may result in the execution of arbitrary code if a malformed media file is opened.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2016-5108
SHA-256 | ef6e9f7013612db842224145000258841e752a70d48a8576bf41b2598f2f91c5
Google Chrome 4.1.249.1042 Array Indexing Bug
Posted Apr 3, 2010
Authored by Tobias Klein

Google Chrome is vulnerable to an out-of-bounds array indexing bug, caused by the improper handling of FTP PWD command server responses. By persuading a victim to visit a specially-crafted web site containing an iframe pointing to a malicious FTP server, a remote attacker could exploit this bug and cause the browser to crash. Versions 4.1.249.1042 (Build 42199) and below are affected. Proof of concept included.

tags | exploit, remote, web, proof of concept
SHA-256 | 46a3ad56ce252ccdbd6329ea06843f21e89e1fb198ea8f464ae783e4feff2e7f
Avast! 4.8 / 5.0 Kernel Memory Corruption
Posted Feb 25, 2010
Authored by Tobias Klein | Site trapkit.de

Avast! versions 4.8 and 5.0 suffer from a aavmker4.sys kernel memory corruption vulnerability.

tags | advisory, kernel
SHA-256 | 423e14acc68af28b36348077feb4ef7ada79727abeb0a3fa6fe5fcf347f9aa5c
Oracle Denial Of Service
Posted Feb 2, 2010
Authored by Tobias Klein | Site trapkit.de

The kernel of Oracle Solaris contains a vulnerability in the code that handles UCODE_GET_VERSION IOCTL requests. The vulnerability allows a local unprivileged user the ability to panic a Solaris x86 Intel-based system (32-bit/64-bit mode) due to a NULL pointer dereference. The ability to panic a system is a type of Denial of Service (DoS). The issue can be triggered by sending a specially crafted IOCTL request to the kernel.

tags | advisory, denial of service, x86, kernel, local
systems | solaris
advisories | CVE-2010-0453
SHA-256 | a524a1ba9d5742e9a071414fff6dae55d1497bb58dc841e1c7577a689c3d653c
VLC Media Player 1.0.3 smb:// Stack Overflow
Posted Dec 7, 2009
Authored by Dr_IDE

Proof of concept exploit for the VLC Media Player version 1.0.3 smb:// URI handling stack overflow vulnerability.

tags | exploit, overflow, proof of concept
SHA-256 | 767d6f43bcd9f36c30425b5d2d15526afe7544a53c9dce0e06e4c05f44f0ea28
Apple iPhone OS AudioCodecs Heap Buffer Overflow
Posted Sep 15, 2009
Authored by Tobias Klein | Site trapkit.de

The iPhone OS AudioCodecs library contains a heap buffer overflow vulnerability while parsing maliciously crafted AAC or MP3 files. The vulnerability may be exploited by an attacker to execute arbitrary code in the context of an application using the vulnerable library. One attack vector are iPhone ringtones with malformed sample size table entries. It was successfully tested that iTunes uploads such malformed ringtones to the phone.

tags | advisory, overflow, arbitrary
systems | apple, iphone
advisories | CVE-2009-2206
SHA-256 | f5526418de98c9657cbd763047a324da3b927f706fa76dd4b3293e0a4a6b43d0
libsndfile/Winamp VOC Heap Buffer Overflow
Posted May 19, 2009
Authored by Tobias Klein | Site trapkit.de

lidsndfile versions 1.0.19 and below and Winamp versions 5.552 and below suffer from a VOC processing heap buffer overflow vulnerability.

tags | advisory, overflow
SHA-256 | 426f002e38e1c490a9f976a610dedb222d0edadadfe570535bcf5629995c0307
xine-lib Quicktime STTS Atom Integer Overflow
Posted Apr 6, 2009
Authored by Tobias Klein | Site trapkit.de

Xine-lib contains an integer overflow vulnerability while parsing malformed STTS atoms of Quicktime movie files. The vulnerability may be exploited by a (remote) attacker to execute arbitrary code in the context of an application using the xine library. Versions 1.1.16.2 and below are affected.

tags | advisory, remote, overflow, arbitrary
SHA-256 | e630315f5a4f17bed6c30a6e60f105c698b76e14980eecb44cd918005fc63440
FFmpeg Type Conversion Vulnerability
Posted Jan 28, 2009
Authored by Tobias Klein | Site trapkit.de

FFmpeg contains a type conversion vulnerability while parsing malformed 4X movie files. The vulnerability may be exploited by a (remote) attacker to execute arbitrary code in the context of FFmpeg or an application using the FFmpeg library.

tags | advisory, remote, arbitrary
SHA-256 | fdcf90835a6517d5d2a479f58cb2df9924557def551619884e79cb3f547d6180
GStreamer Heap Overflow And Out Of Bounds
Posted Jan 23, 2009
Authored by Tobias Klein | Site trapkit.de

GStreamer gst-plugins-good versions below 0.10.12 suffer from heap overflow and array index out of bounds vulnerabilities.

tags | advisory, overflow, vulnerability
SHA-256 | ae5d5f7a93915193f6bbfe67a4de2d6d96a10f53637af659ba372970130ceede
Amarok Integer Overflow / Unchecked Allocation Vulnerabilities
Posted Jan 12, 2009
Authored by Tobias Klein | Site trapkit.de

Amarok contains several integer overflows and unchecked allocation vulnerabilities while parsing malformed audible digital audio files. The vulnerabilities may be exploited by a (remote) attacker to execute arbitrary code in the context of Amarok.

tags | advisory, remote, overflow, arbitrary, vulnerability
SHA-256 | b94ef4ce7d1b2e477a85e81fe7d6abeaf756a2d58b5544818985f2c20cb90bb6
Sun Solaris aio_suspend() Kernel Integer Overflow
Posted Jan 12, 2009
Authored by Tobias Klein | Site trapkit.de

Sun Solaris suffers from an aio_suspend() kernel integer overflow vulnerability.

tags | advisory, overflow, kernel
systems | solaris
SHA-256 | cf4e53dd00147f6634c2f3e122968aec17988d62f758b49a1e1ca73472516ca8
Sun Solaris NULL Pointer
Posted Dec 22, 2008
Authored by Tobias Klein | Site trapkit.de

Sun Solaris suffers from a SIOCGTUNPARAM IOCTL kernel null pointer vulnerability.

tags | advisory, kernel
systems | solaris
SHA-256 | a891f595f6f13435a2f5b8eb4f88c409b8f3d63c0a46587d1d8311e4fb22ed15
Page 1 of 2
Back12Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close