Multiple integer overflows in ty.c in the TY demux plugin (aka the TiVo demuxer) in VideoLAN VLC media player, probably 0.9.4, might allow remote attackers to execute arbitrary code via a crafted .ty file, a different vulnerability than CVE-2008-4654.
Software | From | Fixed in |
---|---|---|
videolan / vlc_media_player | 0.9.0 | 0.9.0.x |
videolan / vlc_media_player | 0.9.1 | 0.9.1.x |
videolan / vlc_media_player | 0.9.2 | 0.9.2.x |
videolan / vlc_media_player | 0.9.3 | 0.9.3.x |
videolan / vlc_media_player | 0.9.4 | 0.9.4.x |