CVE-2007-3467 Information

Description

Integer overflow in the __status_Update function in stats.c VideoLAN VLC Media Player before 0.8.6c allows remote attackers to cause a denial of service (crash) via a WAV file with a large sample rate.

Reference

http://osvdb.org/42189 http://secunia.com/advisories/25980 http://www.debian.org/security/2007/dsa-1332 http://www.isecpartners.com/advisories/2007-001-vlc.txt http://www.securityfocus.com/archive/1/471933/100/0/threaded https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A14863