CVE-2008-0295
- Source
- https://cve.org/CVERecord?id=CVE-2008-0295
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2008-0295.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2008-0295
- Downstream
- Withdrawn
- 2026-01-27T04:08:30.261954Z
- Published
- 2008-01-16T22:00:00Z
- Modified
- 2026-01-27T04:08:30.261954Z
- Summary
- [none]
- Details
-
Heap-based buffer overflow in modules/access/rtsp/real_sdpplin.c in the Xine library, as used in VideoLAN VLC Media Player 0.8.6d and earlier, allows user-assisted remote attackers to cause a denial of service (crash) or execute arbitrary code via long Session Description Protocol (SDP) data.
- References
-
- http://secunia.com/advisories/28383
- http://secunia.com/advisories/29284
- http://secunia.com/advisories/29766
- http://www.debian.org/security/2008/dsa-1543
- http://www.vupen.com/english/advisories/2008/0105
- http://aluigi.altervista.org/adv/vlcxhof-adv.txt
- http://www.gentoo.org/security/en/glsa/glsa-200803-13.xml
- http://www.securityfocus.com/bid/27221
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14776