What is the severity of CVE-2008-5032?

CVE-2008-5032 is classified as a medium severity vulnerability due to the potential for remote code execution.

How do I fix CVE-2008-5032?

To fix CVE-2008-5032, users should upgrade to a version of VLC media player that is not affected, specifically version 0.9.6 or later.

What systems are affected by CVE-2008-5032?

CVE-2008-5032 affects multiple versions of VideoLAN VLC media player, specifically versions 0.5.0 through 0.9.5.

Is user interaction required for CVE-2008-5032 to be exploited?

Yes, exploiting CVE-2008-5032 typically requires user interaction to open a specially crafted CUE image file.

What type of vulnerability is CVE-2008-5032?

CVE-2008-5032 is a stack-based buffer overflow vulnerability.

Vulnerability/
CVE-2008-5032

critical

9.3

CWE

119

10/11/2008

7/8/2024

CVE-2008-5032: Buffer Overflow

First published: Mon Nov 10 2008(Updated: )

Stack-based buffer overflow in VideoLAN VLC media player 0.5.0 through 0.9.5 might allow user-assisted attackers to execute arbitrary code via the header of an invalid CUE image file, related to modules/access/vcd/cdrom.c. NOTE: this identifier originally included an issue related to RealText, but that issue has been assigned a separate identifier, CVE-2008-5036.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
VideoLAN VLC media player	=0.8.6b
VideoLAN VLC media player	=0.7.2
VideoLAN VLC media player	=0.8.6g
VideoLAN VLC media player	=0.5.0
VideoLAN VLC media player	=0.8.4a
VideoLAN VLC media player	=0.8.0
VideoLAN VLC media player	=0.8.4-test2
VideoLAN VLC media player	=0.7.1a
VideoLAN VLC media player	=0.9.0
VideoLAN VLC media player	=0.9.4
VideoLAN VLC media player	=0.8.5
VideoLAN VLC media player	=0.6.2
VideoLAN VLC media player	=0.8.5-test3
VideoLAN VLC media player	=0.8.6h
VideoLAN VLC media player	=0.8.4
VideoLAN VLC media player	=0.8.6
VideoLAN VLC media player	=0.7.2-test3
VideoLAN VLC media player	=0.8.6c
VideoLAN VLC media player	=0.8.6i
VideoLAN VLC media player	=0.7.0
VideoLAN VLC media player	=0.9.1
VideoLAN VLC media player	=0.7.2-test2
VideoLAN VLC media player	=0.5.3
VideoLAN VLC media player	=0.8.6a
VideoLAN VLC media player	=0.9.5
VideoLAN VLC media player	=0.6.0
VideoLAN VLC media player	=0.8.5-test4
VideoLAN VLC media player	=0.8.6f
VideoLAN VLC media player	=0.9.2
VideoLAN VLC media player	=0.9
VideoLAN VLC media player	=0.8.1
VideoLAN VLC media player	=0.8.6e
VideoLAN VLC media player	=0.8.6d
VideoLAN VLC media player	=0.7.1
VideoLAN VLC media player	=0.8.2
VideoLAN VLC media player	=0.9.3

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2008-5032?
CVE-2008-5032 is classified as a medium severity vulnerability due to the potential for remote code execution.
How do I fix CVE-2008-5032?
To fix CVE-2008-5032, users should upgrade to a version of VLC media player that is not affected, specifically version 0.9.6 or later.
What systems are affected by CVE-2008-5032?
CVE-2008-5032 affects multiple versions of VideoLAN VLC media player, specifically versions 0.5.0 through 0.9.5.
Is user interaction required for CVE-2008-5032 to be exploited?
Yes, exploiting CVE-2008-5032 typically requires user interaction to open a specially crafted CUE image file.
What type of vulnerability is CVE-2008-5032?
CVE-2008-5032 is a stack-based buffer overflow vulnerability.

agent/references
agent/author
agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/event
agent/first-publish-date
agent/description
agent/source
agent/weakness
agent/softwarecombine
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
collector/nvd-api
vendor/videolan
canonical/videolan vlc media player
version/videolan vlc media player/0.8.6b
version/videolan vlc media player/0.7.2
version/videolan vlc media player/0.8.6g
version/videolan vlc media player/0.5.0
version/videolan vlc media player/0.8.4a
version/videolan vlc media player/0.8.0
version/videolan vlc media player/0.8.4-test2
version/videolan vlc media player/0.7.1a
version/videolan vlc media player/0.9.0
version/videolan vlc media player/0.9.4
version/videolan vlc media player/0.8.5
version/videolan vlc media player/0.6.2
version/videolan vlc media player/0.8.5-test3
version/videolan vlc media player/0.8.6h
version/videolan vlc media player/0.8.4
version/videolan vlc media player/0.8.6
version/videolan vlc media player/0.7.2-test3
version/videolan vlc media player/0.8.6c
version/videolan vlc media player/0.8.6i
version/videolan vlc media player/0.7.0
version/videolan vlc media player/0.9.1
version/videolan vlc media player/0.7.2-test2
version/videolan vlc media player/0.5.3
version/videolan vlc media player/0.8.6a
version/videolan vlc media player/0.9.5
version/videolan vlc media player/0.6.0
version/videolan vlc media player/0.8.5-test4
version/videolan vlc media player/0.8.6f
version/videolan vlc media player/0.9.2
version/videolan vlc media player/0.9
version/videolan vlc media player/0.8.1
version/videolan vlc media player/0.8.6e
version/videolan vlc media player/0.8.6d
version/videolan vlc media player/0.7.1
version/videolan vlc media player/0.8.2
version/videolan vlc media player/0.9.3

CVE-2008-5032: Buffer Overflow

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2008-5032?

How do I fix CVE-2008-5032?

What systems are affected by CVE-2008-5032?

Is user interaction required for CVE-2008-5032 to be exploited?

What type of vulnerability is CVE-2008-5032?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2008-5032?

How do I fix CVE-2008-5032?

What systems are affected by CVE-2008-5032?

Is user interaction required for CVE-2008-5032 to be exploited?

What type of vulnerability is CVE-2008-5032?