CVE-2008-0295

Videolan Vlc Media Player < 0.8.6d - Memory Corruption

Title source: rule

Description

Heap-based buffer overflow in modules/access/rtsp/real_sdpplin.c in the Xine library, as used in VideoLAN VLC Media Player 0.8.6d and earlier, allows user-assisted remote attackers to cause a denial of service (crash) or execute arbitrary code via long Session Description Protocol (SDP) data.

Exploits (1)

exploitdb WORKING POC
pythonlocalwindows
https://www.exploit-db.com/exploits/5498

References (9)

Scores

EPSS 0.3294
EPSS Percentile 96.8%

Classification

CWE
CWE-119
Status draft

Affected Products (1)

videolan/vlc_media_player < 0.8.6d

Timeline

Published Jan 16, 2008
Tracked Since Feb 18, 2026