CVE-2008-4686

Critical CVSS 9.3

Overview

Multiple integer overflows in ty.c in the TY demux plugin (aka the TiVo demuxer) in VideoLAN VLC media player, probably 0.9.4, might allow remote attackers to execute arbitrary code via a crafted .ty file, a different vulnerability than CVE-2008-4654.

CWE: CWE-189 Published: 2008-10-22T18:00:01.177

Risk analysis

This vulnerability is rated 🔴 CRITICAL.

CVSS: 9.3 (CRITICAL)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags