CVE-2007-6684 Information

Description

The RTSP module in VideoLAN VLC 0.8.6d allows remote attackers to cause a denial of service (crash) via a request without a Transport parameter which triggers a NULL pointer dereference.

Reference

http://mailman.videolan.org/pipermail/vlc-devel/2007-September/034722.html http://secunia.com/advisories/29284 http://trac.videolan.org/vlc/changeset/22023 http://www.gentoo.org/security/en/glsa/glsa-200803-13.xml https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A14876