CVE-2008-0984

EPSS 27.2%

vlc - arbitrary code execution

Published: 2/26/2008Modified: 4/28/2026

Also known as:DEBIAN-CVE-2008-0984

Description

The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file.

Affected packages (2)

Debian/vlcfrom 0, < 0.8.6.e-1
Debian/vlcfrom 0, < 0.8.6.c-6+lenny1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-0984