Stack-based buffer overflow in the parse_master function in the Ty demux plugin (modules/demux/ty.c) in VLC Media Player 0.9.0 through 0.9.4 allows remote attackers to execute arbitrary code via a TiVo TY media file with a header containing a crafted size value.
Software | From | Fixed in |
---|---|---|
videolan / vlc_media_player | 0.9 | 0.9.x |
videolan / vlc_media_player | 0.9.1 | 0.9.1.x |
videolan / vlc_media_player | 0.9.2 | 0.9.2.x |
videolan / vlc_media_player | 0.9.3 | 0.9.3.x |
videolan / vlc_media_player | 0.9.4 | 0.9.4.x |