1
Candidate: CVE-2009-1045
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1045
6
requests/status.xml in VLC 0.9.8a allows remote attackers to cause a denial
7
of service (stack consumption and crash) via a long input argument in an
11
mdeslaur> PoC: http://www.milw0rm.com/exploits/8213
13
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=522170
19
upstream: http://git.videolan.org/?p=vlc.git;a=commitdiff;h=abc867adb981772703c5d33711736f531a4551b4
20
upstream_vlc: released (0.9.9)
21
dapper_vlc: ignored (reached end-of-life)
22
gutsy_vlc: needed (reached end-of-life)
23
hardy_vlc: not-affected (0.8.6.release.e+x264svn20071224+faad2.6.1-0ubuntu3.2)
24
intrepid_vlc: released (0.9.4-1ubuntu3.2)
25
jaunty_vlc: not-affected (0.9.9a-2ubuntu1)
26
karmic_vlc: not-affected (1.0.0~rc2-1ubuntu1)
27
devel_vlc: not-affected (1.0.0~rc2-1ubuntu1)