2
Candidate: CVE-2008-0295
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0295
6
Heap-based buffer overflow in modules/access/rtsp/real_sdpplin.c in the
7
Xine library, as used in VideoLAN VLC Media Player 0.8.6d and earlier,
8
allows user-assisted remote attackers to cause a denial of service (crash)
9
or execute arbitrary code via long Session Description Protocol (SDP) data.
12
jdstrand> per Debian this does not affect xine-lib, just vlc as it ships
19
upstream_vlc: released (0.8.6e)
20
dapper_vlc: ignored (reached end-of-life)
21
edgy_vlc: needed (reached end-of-life)
22
feisty_vlc: needed (reached end-of-life)
23
gutsy_vlc: needed (reached end-of-life)
24
hardy_vlc: released (0.8.6e-0ubuntu1)
25
intrepid_vlc: released (0.8.6e-0ubuntu1)
26
jaunty_vlc: released (0.8.6e-0ubuntu1)
27
karmic_vlc: released (0.8.6e-0ubuntu1)
28
devel_vlc: released (0.8.6e-0ubuntu1)