Integer overflow in the Open function in modules/demux/tta.c in VLC Media Player 0.8.6i allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TTA file, which triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
Vector
NETWORK
Complexity
MEDIUM
Authentication
NONE
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE
| Advisory | Patch | Confirmed | Link |
|---|---|---|---|
| 6252 | |||
| vlc-mediaplayer-open-bo(44510) | |||
| 30718 | |||
| ADV-2008-2394 | |||
| http://www.orange-bat.com/adv/2008/adv.08.16.txt | |||
| GLSA-200809-06 | |||
| 4170 |