CVE-2008-4686

VLC media player - Remote Code Execution via Crafted TY File Integer Overflow


Exploitation Summary

EIP tracks 2 public exploits for CVE-2008-4686. PoCs published by Guido Landi.

AI-analyzed exploit summary: This exploit targets a buffer overflow vulnerability in VLC 0.9.4 via a maliciously crafted .TY file. It leverages a reverse shell payload to achieve remote code execution on Windows XP systems.

Description

Multiple integer overflows in ty.c in the TY demux plugin (aka the TiVo demuxer) in VideoLAN VLC media player, probably 0.9.4, might allow remote attackers to execute arbitrary code via a crafted .ty file, a different vulnerability than CVE-2008-4654.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Guido Landi · perl · local · windows
https://www.exploit-db.com/exploits/6825

This exploit targets a buffer overflow vulnerability in VLC 0.9.4 via a maliciously crafted .TY file. It leverages a reverse shell payload to achieve remote code execution on Windows XP systems.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: VLC Media Player 0.9.4
No auth needed
Prerequisites: VLC 0.9.4 installed on Windows XP · Network connectivity to attacker-controlled server
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC VERIFIED
by Guido Landi · perl · local · windows
https://www.exploit-db.com/exploits/6798

This exploit targets a stack-based buffer overflow in VLC Media Player via a maliciously crafted TY file. It uses a JMP ESP instruction from shell32.dll and executes shellcode to spawn a reverse shell.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: VLC Media Player (TY file parser)
No auth needed
Prerequisites: VLC Media Player installed on Windows XP SP1 or SP2 · Ability to deliver malicious TY file to target
devstral-2 · analyzed Feb 16, 2026

References (5)

Core References
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2008/10/22/6
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14630
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2008/10/19/2
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/31867

Scores

EPSS 0.0994
EPSS Percentile 95.0%

Details

CWE: CWE-189
Status published
Products (5)
videolan/vlc_media_player 0.9.0
videolan/vlc_media_player 0.9.1
videolan/vlc_media_player 0.9.2
videolan/vlc_media_player 0.9.3
videolan/vlc_media_player 0.9.4
Published Oct 22, 2008
Tracked Since Feb 18, 2026