CVE-2008-4558
EPSS 19.6%
Description
Array index error in VLC media player 0.9.2 allows remote attackers to overwrite arbitrary memory and execute arbitrary code via an XSPF playlist file with a negative identifier tag, which passes a signed comparison.
How to fix CVE-2008-4558
To remediate CVE-2008-4558, upgrade the affected package to a fixed version below.
- Debian/vlc—upgrade to 0.9.3-1 or later
Is CVE-2008-4558 being exploited?
Moderate — EPSS is 19.6%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 0.9.3-1