Launchpad CVE tracker

CVE 2007-3468

input.c in VideoLAN VLC Media Player before 0.8.6c allows remote attackers to cause a denial of service (crash) via a crafted WAV file that causes an uninitialized i_nb_resamplers variable to be used.

Related bugs and status

CVE-2007-3468 (Candidate) is related to these bugs:

Bug #122207: vlc before 0.8.6c allows arbitrary code execution via a multitude of vectors

		In	Importance	Status
122207	vlc before 0.8.6c allows arbitrary code execution via a multitude of vectors	vlc (Ubuntu)	High	Fix Released
122207	vlc before 0.8.6c allows arbitrary code execution via a multitude of vectors	vlc (Ubuntu Dapper)	High	Invalid
122207	vlc before 0.8.6c allows arbitrary code execution via a multitude of vectors	vlc (Ubuntu Edgy)	High	Won't Fix
122207	vlc before 0.8.6c allows arbitrary code execution via a multitude of vectors	vlc (Ubuntu Feisty)	High	Won't Fix
122207	vlc before 0.8.6c allows arbitrary code execution via a multitude of vectors	vlc (Ubuntu Gutsy)	High	Fix Released
122207	vlc before 0.8.6c allows arbitrary code execution via a multitude of vectors	VLC media player	Undecided	Fix Released
122207	vlc before 0.8.6c allows arbitrary code execution via a multitude of vectors	vlc (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2007-3468

References