Fixed upstream in http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=8c838a6fe5f3bdb4af4f5f73d7ac0206ea92e029
> the following CVE (Common Vulnerabilities & Exposures) id was > published for vlc. > > CVE-2008-0073CVE-2008-0073[0]: > | Array index error in the sdpplin_parse function in > | input/libreal/sdpplin.c in xine-lib 1.1.10.1 allows remote RTSP > | servers to execute arbitrary code via a large streamid SDP parameter. > > It turned out that vlc is also using that code in > modules/access/rtsp/real_sdpplin.c -- Xtophe -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
