FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  352013
Date:      2014-04-24
Time:      15:54:50Z
Committer: lwhsu

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
4b09378e-addb-11dd-a578-0030843d3802vlc -- cue processing stack overflow

The VLC Team reports:

The VLC media player contains a stack overflow vulnerability while parsing malformed cue files. The vulnerability may be exploited by a (remote) attacker to execute arbitrary code in the context of VLC media player.


Discovery 2008-11-05
Entry 2008-11-08
Modified 2010-05-02
vlc
lt 0.8.6.i_2,2

vlc-devel
lt 0.9.6,3

CVE-2008-5032
CVE-2008-5036
http://www.videolan.org/security/sa0810.html
http://www.trapkit.de/advisories/TKADV2008-012.txt
acf80afa-c3ef-11dd-a721-0030843d3802vlc -- arbitrary code execution in the RealMedia processor

Tobias Klein from TrapKit reports:

The VLC media player contains an integer overflow vulnerability while parsing malformed RealMedia (.rm) files. The vulnerability leads to a heap overflow that can be exploited by a (remote) attacker to execute arbitrary code in the context of VLC media player.


Discovery 2008-11-30
Entry 2008-12-06
Modified 2008-12-07
vlc-devel
lt 0.9.8a

32545
CVE-2008-5276
http://www.trapkit.de/advisories/TKADV2008-013.txt
http://www.videolan.org/security/sa0811.html
4b09378e-addb-11dd-a578-0030843d3802vlc -- cue processing stack overflow

The VLC Team reports:

The VLC media player contains a stack overflow vulnerability while parsing malformed cue files. The vulnerability may be exploited by a (remote) attacker to execute arbitrary code in the context of VLC media player.


Discovery 2008-11-05
Entry 2008-11-08
Modified 2010-05-02
vlc
lt 0.8.6.i_2,2

vlc-devel
lt 0.9.6,3

CVE-2008-5032
CVE-2008-5036
http://www.videolan.org/security/sa0810.html
http://www.trapkit.de/advisories/TKADV2008-012.txt
acf80afa-c3ef-11dd-a721-0030843d3802vlc -- arbitrary code execution in the RealMedia processor

Tobias Klein from TrapKit reports:

The VLC media player contains an integer overflow vulnerability while parsing malformed RealMedia (.rm) files. The vulnerability leads to a heap overflow that can be exploited by a (remote) attacker to execute arbitrary code in the context of VLC media player.


Discovery 2008-11-30
Entry 2008-12-06
Modified 2008-12-07
vlc-devel
lt 0.9.8a

32545
CVE-2008-5276
http://www.trapkit.de/advisories/TKADV2008-013.txt
http://www.videolan.org/security/sa0811.html