Debian Security Advisory

DSA-1543-1 vlc -- several vulnerabilities

Date Reported:
09 Apr 2008
Affected Packages:
vlc
Vulnerable:
Yes
Security database references:
In Mitre's CVE dictionary: CVE-2007-6681, CVE-2007-6682, CVE-2007-6683, CVE-2008-0295, CVE-2008-0296, CVE-2008-0073, CVE-2008-0984, CVE-2008-1489.
More information:

Luigi Auriemma, Alin Rad Pop, Rémi Denis-Courmont, Quovodis, Guido Landi, Felipe Manzano, Anibal Sacco and others discovered multiple vulnerabilities in vlc, an application for playback and streaming of audio and video. In the worst case, these weaknesses permit a remote, unauthenticated attacker to execute arbitrary code with the privileges of the user running vlc.

The Common Vulnerabilities and Exposures project identifies the following eight problems:

  • CVE-2007-6681

    A buffer overflow vulnerability in subtitle handling allows an attacker to execute arbitrary code through the opening of a maliciously crafted MicroDVD, SSA or Vplayer file.

  • CVE-2007-6682

    A format string vulnerability in the HTTP-based remote control facility of the vlc application allows a remote, unauthenticated attacker to execute arbitrary code.

  • CVE-2007-6683

    Insecure argument validation allows a remote attacker to overwrite arbitrary files writable by the user running vlc, if a maliciously crafted M3U playlist or MP3 audio file is opened.

  • CVE-2008-0295, CVE-2008-0296

    Heap buffer overflows in RTSP stream and session description protocol (SDP) handling allow an attacker to execute arbitrary code if a maliciously crafted RTSP stream is played.

  • CVE-2008-0073

    Insufficient integer bounds checking in SDP handling allows the execution of arbitrary code through a maliciously crafted SDP stream ID parameter in an RTSP stream.

  • CVE-2008-0984

    Insufficient integrity checking in the MP4 demuxer allows a remote attacker to overwrite arbitrary memory and execute arbitrary code if a maliciously crafted MP4 file is opened.

  • CVE-2008-1489

    An integer overflow vulnerability in MP4 handling allows a remote attacker to cause a heap buffer overflow, inducing a crash and possibly the execution of arbitrary code if a maliciously crafted MP4 file is opened.

For the stable distribution (etch), these problems have been fixed in version 0.8.6-svn20061012.debian-5.1+etch2.

For the unstable distribution (sid), these problems have been fixed in version 0.8.6.e-2.

We recommend that you upgrade your vlc packages.

Fixed in:

Debian GNU/Linux 4.0 (stable)

Source:
http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2.diff.gz
http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian.orig.tar.gz
http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2.dsc
Architecture-independent component:
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-alsa_0.8.6-svn20061012.debian-5.1+etch2_all.deb
http://security.debian.org/pool/updates/main/v/vlc/wxvlc_0.8.6-svn20061012.debian-5.1+etch2_all.deb
Alpha:
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_alpha.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_alpha.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_alpha.deb
http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_alpha.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_alpha.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_alpha.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_alpha.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_alpha.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_alpha.deb
AMD64:
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_amd64.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_amd64.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_amd64.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_amd64.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_amd64.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_amd64.deb
http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_amd64.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_amd64.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_amd64.deb
ARM:
http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_arm.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_arm.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_arm.deb
http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_arm.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_arm.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_arm.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_arm.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_arm.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_arm.deb
HP Precision:
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_hppa.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_hppa.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_hppa.deb
http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_hppa.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_hppa.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_hppa.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_hppa.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_hppa.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_hppa.deb
Intel IA-32:
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_i386.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_i386.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_i386.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-svgalib_0.8.6-svn20061012.debian-5.1+etch2_i386.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_i386.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_i386.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_i386.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_i386.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_i386.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-glide_0.8.6-svn20061012.debian-5.1+etch2_i386.deb
http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_i386.deb
Intel IA-64:
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_ia64.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_ia64.deb
http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_ia64.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_ia64.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_ia64.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_ia64.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_ia64.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_ia64.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_ia64.deb
Big-endian MIPS:
http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_mips.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_mips.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_mips.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_mips.deb
http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_mips.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_mips.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_mips.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_mips.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_mips.deb
Little-endian MIPS:
http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_mipsel.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_mipsel.deb
http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_mipsel.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_mipsel.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_mipsel.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_mipsel.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_mipsel.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_mipsel.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_mipsel.deb
PowerPC:
http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_powerpc.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_powerpc.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_powerpc.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_powerpc.deb
http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_powerpc.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_powerpc.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_powerpc.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_powerpc.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_powerpc.deb
IBM S/390:
http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_s390.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_s390.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_s390.deb
http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_s390.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_s390.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_s390.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_s390.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_s390.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_s390.deb
Sun Sparc:
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_sparc.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_sparc.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_sparc.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_sparc.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_sparc.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_sparc.deb
http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_sparc.deb
http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_sparc.deb
http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_sparc.deb

MD5 checksums of the listed files are available in the original advisory.