CVE-2008-4686

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2008-4686

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2008-4686.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2008-4686

Downstream

DEBIAN-CVE-2008-4686

DSA-1819-1

DTSA-175-1

Published

2008-10-22T18:00:01Z

Modified

2025-08-09T20:01:25Z

Summary

[none]

Details

Multiple integer overflows in ty.c in the TY demux plugin (aka the TiVo demuxer) in VideoLAN VLC media player, probably 0.9.4, might allow remote attackers to execute arbitrary code via a crafted .ty file, a different vulnerability than CVE-2008-4654.

References

http://git.videolan.org/?p=vlc.git%3Ba=commitdiff%3Bh=d859e6b9537af2d7326276f70de25a840f554dc3
http://www.openwall.com/lists/oss-security/2008/10/19/2
http://www.openwall.com/lists/oss-security/2008/10/22/6
http://www.securityfocus.com/bid/31867
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14630

CVE-2008-4686

Affected packages