Author: keescook-guest Date: 2007-03-08 20:40:49 +0000 (Thu, 08 Mar 2007) New Revision: 5526 Modified: data/CVE/list data/embedded-code-copies Log: checked vlc for DMO overflow Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-03-08 20:11:21 UTC (rev 5525) +++ data/CVE/list 2007-03-08 20:40:49 UTC (rev 5526) @@ -139,6 +139,7 @@ CVE-2007-1246 (The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in ...) - mplayer <unfixed> (medium) - xine-lib <unfixed> (medium) + NOTE: vlc checked, and is not affected. CVE-2007-1245 (IrfanView 3.99 allows remote attackers to cause a denial of service ...) NOT-FOR-US: IrfanView CVE-2007-1244 (Cross-site request forgery (CSRF) vulnerability in the AdminPanel in ...) Modified: data/embedded-code-copies ==================================================================--- data/embedded-code-copies 2007-03-08 20:11:21 UTC (rev 5525) +++ data/embedded-code-copies 2007-03-08 20:40:49 UTC (rev 5526) @@ -252,5 +252,6 @@ unrar-free: (maybe this code is derived from the original rar, too?) clamav (seems to be disabled in default config) -mplayer: -xine-lib (libw32dll) +mplayer (DirectMedia Object loader): +xine-lib (src/libw32dll/) +vlc (modules/codec/dmo/)