Unrated severityNVD Advisory· Published Nov 10, 2008· Updated Apr 23, 2026
CVE-2008-5036
CVE-2008-5036
Description
Stack-based buffer overflow in VideoLAN VLC media player 0.9.x before 0.9.6 might allow user-assisted attackers to execute arbitrary code via an an invalid RealText (rt) subtitle file, related to the ParseRealText function in modules/demux/subtitle.c. NOTE: this issue was SPLIT from CVE-2008-5032 on 20081110.
Affected products
7cpe:2.3:a:videolan:vlc_media_player:0.9:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:videolan:vlc_media_player:0.9:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.9.0:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.9.4:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.9.5:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
13- www.trapkit.de/advisories/TKADV2008-011.txtnvdExploit
- secunia.com/advisories/32569nvd
- secunia.com/advisories/33315nvd
- security.gentoo.org/glsa/glsa-200812-24.xmlnvd
- www.openwall.com/lists/oss-security/2008/11/05/4nvd
- www.openwall.com/lists/oss-security/2008/11/05/5nvd
- www.openwall.com/lists/oss-security/2008/11/10/13nvd
- www.securityfocus.com/archive/1/498111/100/0/threadednvd
- www.securityfocus.com/bid/32125nvd
- www.videolan.org/security/sa0810.htmlnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/46376nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14329nvd
- www.exploit-db.com/exploits/7051nvd
News mentions
0No linked articles in our index yet.