CVE-2008-0984
vlc - arbitrary code execution
EPSS 27.2%
Description
The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file.
How to fix CVE-2008-0984
To remediate CVE-2008-0984, upgrade the affected package to a fixed version below.
- Debian/vlc—upgrade to 0.8.6.e-1 or later
- Debian/vlc—upgrade to 0.8.6.c-6+lenny1 or later
Is CVE-2008-0984 being exploited?
Moderate — EPSS is 27.2%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- from 0, < 0.8.6.e-1
- from 0, < 0.8.6.c-6+lenny1