CVE-2008-4558

Array index error in VLC media player 0.9.2 allows remote attackers to overwrite arbitrary memory and execute arbitrary code via an XSPF playlist file with a negative identifier tag, which passes a signed comparison.
Configurations

Configuration 1

cpe:2.3:a:videolan:vlc_media_player:0.9.2:*:*:*:*:*:*:*

Information

Published : 2008-10-15 12:00

Updated : 2018-10-11 08:52


NVD link : CVE-2008-4558

Mitre link : CVE-2008-4558

Products Affected
No products.
CWE
CWE-839

Numeric Range Comparison Without Minimum Check