Ticket #1531 (closed defect: fixed)

Opened 2 months ago

Last modified 2 months ago

Possible Array Indexing Vulnerability which allows injecting code in sdpplin_parse()

Reported by: Eren
Assigned to:
Priority: highest
Milestone:
Component: Access
Version:
Severity: critical
Keywords:
Cc:
Platform(s): Linux
Difficulty: easy
Work status: Not started

Description

Secunia has just released an advisory [0] for xine-lib stating that RTSP streams can be used to inject code. The xine developers have fixed it, and the URL of the commit is [1].

The same code lies in VLC too (modules/access/rtsp/real_sdpplib.c) and there could be a security flaw.

[0] http://secunia.com/secunia_research/2008-10/advisory/

[1] http://hg.debian.org/hg/xine-lib/xine-lib?cmd=changeset;node=12cb075fba8ea09813fc35e0c731d2a64265b637;style=raw

Change History

03/19/08 16:35:15 changed by thresh

  • status changed from new to closed.
  • difficulty changed from unknown to easy.
  • resolution set to fixed.