CVE-2007-6684

VLC - Denial of Service via RTSP Request Without Transport Parameter

Title source: llm
STIX 2.1

Description

The RTSP module in VideoLAN VLC 0.8.6d allows remote attackers to cause a denial of service (crash) via a request without a Transport parameter, which triggers a NULL pointer dereference.

References (5)

Core 5
Core References
Various Sources x_refsource_confirm
http://trac.videolan.org/vlc/changeset/22023
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/29284
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14876
Third Party Advisory vendor-advisory x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200803-13.xml

Scores

EPSS 0.0223
EPSS Percentile 80.7%

Details

CWE
CWE-20
Status published
Products (1)
videolan/vlc 0.8.6d
Published Jan 17, 2008
Tracked Since Feb 18, 2026