CVE-2010-2062
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2010-2062
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2010-2062.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2010-2062
- Related
- Published
- 2014-12-26T20:59:07Z
- Modified
- 2024-12-26T05:00:03Z
- Summary
- [none]
- Details
-
Integer underflow in the realgetrdt_chunk function in real.c, as used in modules/access/rtsp/real.c in VideoLAN VLC media player before 1.0.1 and stream/realrtsp/real.c in MPlayer before r29447, allows remote attackers to execute arbitrary code via a crafted length value in an RDT chunk header.
- References
-
- http://seclists.org/fulldisclosure/2009/Jul/418
- https://dzcore.wordpress.com/2009/07/27/dzc-2009-001-the-movie-player-and-vlc-media-player-real-data-transport-parsing-integer-underflow/
- http://git.videolan.org/?p=vlc.git%3Ba=commit%3Bh=dc74600c97eb834c08674676e209afa842053aca
- http://openwall.com/lists/oss-security/2010/06/04/4
- https://security-tracker.debian.org/tracker/CVE-2010-2062
Affected packages
Debian:11 / mplayer
Package
- Name
- mplayer
- Purl
- pkg:deb/debian/mplayer?arch=source
Debian:12 / mplayer
Package
- Name
- mplayer
- Purl
- pkg:deb/debian/mplayer?arch=source
Debian:13 / mplayer
Package
- Name
- mplayer
- Purl
- pkg:deb/debian/mplayer?arch=source
Debian:11 / vlc
Package
- Name
- vlc
- Purl
- pkg:deb/debian/vlc?arch=source
Debian:12 / vlc
Package
- Name
- vlc
- Purl
- pkg:deb/debian/vlc?arch=source
Debian:13 / vlc
Package
- Name
- vlc
- Purl
- pkg:deb/debian/vlc?arch=source