CVE-2008-4654

Name of the Vulnerable Software and Affected Versions VLC Media Player versions 0.9.0 through 0.9.4

Description The issue is related to a stack-based buffer overflow in the parse master function in the Ty demux plugin. This can be exploited by remote attackers through a TiVo TY media file with a crafted size value in the header, allowing them to execute arbitrary code.

Recommendations For versions 0.9.0 through 0.9.4, consider disabling the Ty demux plugin until a patch is available. Restrict access to files that could potentially exploit this issue to minimize the risk of arbitrary code execution.