Integer underflow in the real_get_rdt_chunk function in real.c, as used in modules/access/rtsp/real.c in VideoLAN VLC media player before 1.0.1 and stream/realrtsp/real.c in MPlayer before r29447, allows remote attackers to execute arbitrary code via a crafted length value in an RDT chunk header.
Vector
NETWORK
Complexity
LOW
Authentication
NONE
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL
NetWin SurgeFTP 2.3b1
Netwitness Live Manager 1.0.0
NetWin SurgeFTP 2.3a8
network-weathermap Network Weathermap 0.97a
NetWin SurgeFTP 2.3a7
Netwitness Administrator 8.6
Netwitness Investigator 8.6
network-weathermap Network Weathermap 0.97c
NetWin SurgeFTP 2.0f
network-weathermap Network Weathermap 0.97b
netweblogic Login with Ajax plugin for WordPress 3.0.4
netweblogic Login with Ajax plugin for WordPress 3.0.4.1
netweblogic Login with Ajax plugin for WordPress 3.0.3
netweblogic Login with Ajax plugin for WordPress 3.1
NetWin SurgeFTP 2.3a9
Networkautomation Automate 6.1.1.0
netweblogic Login with Ajax plugin for WordPress 2.1.4
netweblogic Login with Ajax plugin for WordPress 2.2
netweblogic Login with Ajax plugin for WordPress 2.1.5
netweblogic Login with Ajax plugin for WordPress 2.21
Network Vision IntraVUE 2.3.0a11
netweblogic Login with Ajax plugin for WordPress 3.0.2
netweblogic Login with Ajax plugin for WordPress 3.1.1
netweblogic Login with Ajax plugin for WordPress 3.0.1
netweblogic Login with Ajax plugin for WordPress 3.0b3
netweblogic Login with Ajax plugin for WordPress 3.0
netweblogic Login with Ajax plugin for WordPress 3.0b
NetWin SurgeFTP 2.3a6
NetWin SurgeFTP 2.3a2
NetWin SurgeFTP 2.3a12
NetWin SurgeFTP 2.0c
NetWin SurgeFTP 2.3a10
NetWin SurgeFTP 2.3a1
NetWin SurgeFTP 2.2m1
NetWin SurgeFTP 2.0e
NetWin SurgeFTP 2.2k3
NetWin SurgeFTP 2.0d
NetWin SurgeFTP 1.1h
NetWin SurgeFTP 2.2k1