VYPR
Unrated severityNVD Advisory· Published Dec 3, 2008· Updated Jun 16, 2026

CVE-2008-5276

CVE-2008-5276

Description

Integer overflow in the ReadRealIndex function in real.c in the Real demuxer plugin in VideoLAN VLC media player 0.9.0 through 0.9.7 allows remote attackers to execute arbitrary code via a malformed RealMedia (.rm) file that triggers a heap-based buffer overflow.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

10
  • cpe:2.3:a:videolan:vlc_media_player:0.9.0:*:*:*:*:*:*:*+ 9 more
    • cpe:2.3:a:videolan:vlc_media_player:0.9.0:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.9.1:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.9.2:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.9.3:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.9.4:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.9.5:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.9.6:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.9.7:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.9.8:*:*:*:*:*:*:*
    • (no CPE)range: 0.9.0-0.9.7

Patches

Vulnerability mechanics

References

12

News mentions

0

No linked articles in our index yet.