CVE-2008-3732

Name of the Vulnerable Software and Affected Versions VLC Media Player version 0.8.6i

Description The issue is related to an integer overflow in the Open function in modules/demux/tta.c, which can be triggered by a crafted TTA file. This can cause a denial of service, resulting in an application crash, or possibly allow the execution of arbitrary code due to a heap-based buffer overflow.

Recommendations For version 0.8.6i, consider updating to a newer version to mitigate the risk, as the current version is affected by the integer overflow issue in the Open function. As a temporary workaround, avoid using the Open function in the modules/demux/tta.c module to minimize the risk of exploitation. Restrict access to crafted TTA files to prevent potential attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.