CVE-2007-3467

Name of the Vulnerable Software and Affected Versions VLC Media Player versions prior to 0.8.6c libvlc0-dev (affected versions not specified) libvlc0 (affected versions not specified) wxvlc (affected versions not specified) gvlc (affected versions not specified) gnome-vlc (affected versions not specified)

Description The issue concerns multiple vulnerabilities in various packages of the Debian GNU/Linux operating system, including libvlc0-dev, libvlc0, wxvlc, gvlc, and gnome-vlc. These vulnerabilities can be exploited remotely, potentially leading to breaches of confidentiality, integrity, and availability of protected information. Specifically, an integer overflow in the status Update function in stats.c of VideoLAN VLC Media Player before version 0.8.6c allows remote attackers to cause a denial of service via a WAV file with a large sample rate.

Recommendations For VLC Media Player versions prior to 0.8.6c: Update to version 0.8.6c or later to resolve the issue. For libvlc0-dev: At the moment, there is no information about a newer version that contains a fix for this vulnerability. For libvlc0: At the moment, there is no information about a newer version that contains a fix for this vulnerability. For wxvlc: At the moment, there is no information about a newer version that contains a fix for this vulnerability. For gvlc: At the moment, there is no information about a newer version that contains a fix for this vulnerability. For gnome-vlc: At the moment, there is no information about a newer version that contains a fix for this vulnerability.