Vulnerabilities > CVE-2007-6683 - Unspecified vulnerability in Videolan VLC 0.8.6D
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via (1) the :demuxdump-file option in a filename in a playlist, or (2) a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200803-13.NASL description The remote host is affected by the vulnerability described in GLSA-200803-13 (VLC: Multiple vulnerabilities) Multiple vulnerabilities were found in VLC: Michal Luczaj and Luigi Auriemma reported that VLC contains boundary errors when handling subtitles in the ParseMicroDvd(), ParseSSA(), and ParseVplayer() functions in the modules/demux/subtitle.c file, allowing for a stack-based buffer overflow (CVE-2007-6681). The web interface listening on port 8080/tcp contains a format string error in the httpd_FileCallBack() function in the network/httpd.c file (CVE-2007-6682). The browser plugin possibly contains an argument injection vulnerability (CVE-2007-6683). The RSTP module triggers a NULL pointer dereference when processing a request without a last seen 2020-06-01 modified 2020-06-02 plugin id 31439 published 2008-03-13 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/31439 title GLSA-200803-13 : VLC: Multiple vulnerabilities code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 200803-13. # # The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(31439); script_version("1.15"); script_cvs_date("Date: 2019/08/02 13:32:44"); script_cve_id("CVE-2007-6681", "CVE-2007-6682", "CVE-2007-6683", "CVE-2007-6684", "CVE-2008-0295", "CVE-2008-0296", "CVE-2008-0984"); script_xref(name:"GLSA", value:"200803-13"); script_name(english:"GLSA-200803-13 : VLC: Multiple vulnerabilities"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-200803-13 (VLC: Multiple vulnerabilities) Multiple vulnerabilities were found in VLC: Michal Luczaj and Luigi Auriemma reported that VLC contains boundary errors when handling subtitles in the ParseMicroDvd(), ParseSSA(), and ParseVplayer() functions in the modules/demux/subtitle.c file, allowing for a stack-based buffer overflow (CVE-2007-6681). The web interface listening on port 8080/tcp contains a format string error in the httpd_FileCallBack() function in the network/httpd.c file (CVE-2007-6682). The browser plugin possibly contains an argument injection vulnerability (CVE-2007-6683). The RSTP module triggers a NULL pointer dereference when processing a request without a 'Transport' parameter (CVE-2007-6684). Luigi Auriemma and Remi Denis-Courmont found a boundary error in the modules/access/rtsp/real_sdpplin.c file when processing SDP data for RTSP sessions (CVE-2008-0295) and a vulnerability in the libaccess_realrtsp plugin (CVE-2008-0296), possibly resulting in a heap-based buffer overflow. Felipe Manzano and Anibal Sacco (Core Security Technologies) discovered an arbitrary memory overwrite vulnerability in VLC's MPEG-4 file format parser (CVE-2008-0984). Impact : A remote attacker could send a long subtitle in a file that a user is enticed to open, a specially crafted MP4 input file, long SDP data, or a specially crafted HTTP request with a 'Connection' header value containing format specifiers, possibly resulting in the remote execution of arbitrary code. Also, a Denial of Service could be caused and arbitrary files could be overwritten via the 'demuxdump-file' option in a filename in a playlist or via an EXTVLCOPT statement in an MP3 file. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/200803-13" ); script_set_attribute( attribute:"solution", value: "All VLC users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-video/vlc-0.8.6e'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_cwe_id(20, 119, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:vlc"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2008/03/07"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/03/13"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"media-video/vlc", unaffected:make_list("ge 0.8.6e"), vulnerable:make_list("lt 0.8.6e"))) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get()); else security_hole(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "VLC"); }NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1543.NASL description Luigi Auriemma, Alin Rad Pop, Remi Denis-Courmont, Quovodis, Guido Landi, Felipe Manzano, Anibal Sacco and others discovered multiple vulnerabilities in vlc, an application for playback and streaming of audio and video. In the worst case, these weaknesses permit a remote, unauthenticated attacker to execute arbitrary code with the privileges of the user running vlc. The Common Vulnerabilities and Exposures project identifies the following eight problems : - CVE-2007-6681 A buffer overflow vulnerability in subtitle handling allows an attacker to execute arbitrary code through the opening of a maliciously crafted MicroDVD, SSA or Vplayer file. - CVE-2007-6682 A format string vulnerability in the HTTP-based remote control facility of the vlc application allows a remote, unauthenticated attacker to execute arbitrary code. - CVE-2007-6683 Insecure argument validation allows a remote attacker to overwrite arbitrary files writable by the user running vlc, if a maliciously crafted M3U playlist or MP3 audio file is opened. - CVE-2008-0295, CVE-2008-0296 Heap buffer overflows in RTSP stream and session description protocol (SDP) handling allow an attacker to execute arbitrary code if a maliciously crafted RTSP stream is played. - CVE-2008-0073 Insufficient integer bounds checking in SDP handling allows the execution of arbitrary code through a maliciously crafted SDP stream ID parameter in an RTSP stream. - CVE-2008-0984 Insufficient integrity checking in the MP4 demuxer allows a remote attacker to overwrite arbitrary memory and execute arbitrary code if a maliciously crafted MP4 file is opened. - CVE-2008-1489 An integer overflow vulnerability in MP4 handling allows a remote attacker to cause a heap buffer overflow, inducing a crash and possibly the execution of arbitrary code if a maliciously crafted MP4 file is opened. last seen 2020-06-01 modified 2020-06-02 plugin id 31949 published 2008-04-17 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/31949 title Debian DSA-1543-1 : vlc - several vulnerabilities code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-1543. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(31949); script_version("1.18"); script_cvs_date("Date: 2019/08/02 13:32:21"); script_cve_id("CVE-2007-6681", "CVE-2007-6682", "CVE-2007-6683", "CVE-2008-0073", "CVE-2008-0295", "CVE-2008-0296", "CVE-2008-0984", "CVE-2008-1489"); script_xref(name:"DSA", value:"1543"); script_name(english:"Debian DSA-1543-1 : vlc - several vulnerabilities"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Luigi Auriemma, Alin Rad Pop, Remi Denis-Courmont, Quovodis, Guido Landi, Felipe Manzano, Anibal Sacco and others discovered multiple vulnerabilities in vlc, an application for playback and streaming of audio and video. In the worst case, these weaknesses permit a remote, unauthenticated attacker to execute arbitrary code with the privileges of the user running vlc. The Common Vulnerabilities and Exposures project identifies the following eight problems : - CVE-2007-6681 A buffer overflow vulnerability in subtitle handling allows an attacker to execute arbitrary code through the opening of a maliciously crafted MicroDVD, SSA or Vplayer file. - CVE-2007-6682 A format string vulnerability in the HTTP-based remote control facility of the vlc application allows a remote, unauthenticated attacker to execute arbitrary code. - CVE-2007-6683 Insecure argument validation allows a remote attacker to overwrite arbitrary files writable by the user running vlc, if a maliciously crafted M3U playlist or MP3 audio file is opened. - CVE-2008-0295, CVE-2008-0296 Heap buffer overflows in RTSP stream and session description protocol (SDP) handling allow an attacker to execute arbitrary code if a maliciously crafted RTSP stream is played. - CVE-2008-0073 Insufficient integer bounds checking in SDP handling allows the execution of arbitrary code through a maliciously crafted SDP stream ID parameter in an RTSP stream. - CVE-2008-0984 Insufficient integrity checking in the MP4 demuxer allows a remote attacker to overwrite arbitrary memory and execute arbitrary code if a maliciously crafted MP4 file is opened. - CVE-2008-1489 An integer overflow vulnerability in MP4 handling allows a remote attacker to cause a heap buffer overflow, inducing a crash and possibly the execution of arbitrary code if a maliciously crafted MP4 file is opened." ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2007-6681" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2007-6682" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2007-6683" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2008-0295" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2008-0296" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2008-0073" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2008-0984" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2008-1489" ); script_set_attribute( attribute:"see_also", value:"https://www.debian.org/security/2008/dsa-1543" ); script_set_attribute( attribute:"solution", value: "Upgrade the vlc packages. For the stable distribution (etch), these problems have been fixed in version 0.8.6-svn20061012.debian-5.1+etch2." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_cwe_id(119, 189, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:vlc"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:4.0"); script_set_attribute(attribute:"patch_publication_date", value:"2008/04/09"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/04/17"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"4.0", prefix:"libvlc0", reference:"0.8.6-svn20061012.debian-5.1+etch2")) flag++; if (deb_check(release:"4.0", prefix:"libvlc0-dev", reference:"0.8.6-svn20061012.debian-5.1+etch2")) flag++; if (deb_check(release:"4.0", prefix:"mozilla-plugin-vlc", reference:"0.8.6-svn20061012.debian-5.1+etch2")) flag++; if (deb_check(release:"4.0", prefix:"vlc", reference:"0.8.6-svn20061012.debian-5.1+etch2")) flag++; if (deb_check(release:"4.0", prefix:"vlc-nox", reference:"0.8.6-svn20061012.debian-5.1+etch2")) flag++; if (deb_check(release:"4.0", prefix:"vlc-plugin-alsa", reference:"0.8.6-svn20061012.debian-5.1+etch2")) flag++; if (deb_check(release:"4.0", prefix:"vlc-plugin-arts", reference:"0.8.6-svn20061012.debian-5.1+etch2")) flag++; if (deb_check(release:"4.0", prefix:"vlc-plugin-esd", reference:"0.8.6-svn20061012.debian-5.1+etch2")) flag++; if (deb_check(release:"4.0", prefix:"vlc-plugin-ggi", reference:"0.8.6-svn20061012.debian-5.1+etch2")) flag++; if (deb_check(release:"4.0", prefix:"vlc-plugin-glide", reference:"0.8.6-svn20061012.debian-5.1+etch2")) flag++; if (deb_check(release:"4.0", prefix:"vlc-plugin-sdl", reference:"0.8.6-svn20061012.debian-5.1+etch2")) flag++; if (deb_check(release:"4.0", prefix:"vlc-plugin-svgalib", reference:"0.8.6-svn20061012.debian-5.1+etch2")) flag++; if (deb_check(release:"4.0", prefix:"wxvlc", reference:"0.8.6-svn20061012.debian-5.1+etch2")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
Oval
| accepted | 2012-11-19T04:00:14.947-05:00 | ||||||||
| class | vulnerability | ||||||||
| contributors |
| ||||||||
| definition_extensions |
| ||||||||
| description | The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via (1) the :demuxdump-file option in a filename in a playlist, or (2) a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability. | ||||||||
| family | windows | ||||||||
| id | oval:org.mitre.oval:def:14619 | ||||||||
| status | accepted | ||||||||
| submitted | 2012-01-24T15:20:33.178-04:00 | ||||||||
| title | The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files | ||||||||
| version | 6 |
Seebug
| bulletinFamily | exploit |
| description | BUGTRAQ ID: 28712 CVE(CAN) ID: CVE-2007-6683 VLC Media Player是一款免费的媒体播放器。 VLC Media Player在处理畸形格式的播放列表时存在漏洞,远程攻击者可能利用此漏洞覆盖任意文件。 如果播放列表的文件名中包含有特制:demuxdump-file选项的话,或MP3文件中包含有EXTVLCOPT语句的话,则在打开上述文件时VLC播放器的浏览器插件就可能注入参数,导致覆盖任意文件。 VideoLAN VLC Media Player 0.8.6d 厂商补丁: Debian ------ Debian已经为此发布了一个安全公告(DSA-1543-1)以及相应补丁: DSA-1543-1:New vlc packages fix several vulnerabilities 链接:<a href=http://www.debian.org/security/2008/dsa-1543 target=_blank>http://www.debian.org/security/2008/dsa-1543</a> 补丁下载: Source archives: <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2.diff.gz target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2.diff.gz</a> Size/MD5 checksum: 2383751 4429c3a0764cadf7bdcb67a90bdd5cac <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian.orig.tar.gz target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian.orig.tar.gz</a> Size/MD5 checksum: 15168393 30c18a2fdc4105606033ff6e6aeab81c <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2.dsc target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2.dsc</a> Size/MD5 checksum: 2614 6337a0f1aa8c1f4b1a98648d66c55c7f Architecture independent packages: <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-alsa_0.8.6-svn20061012.debian-5.1+etch2_all.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-alsa_0.8.6-svn20061012.debian-5.1+etch2_all.deb</a> Size/MD5 checksum: 784 0eb16d5cb4300c269d767d8efcf6fd56 <a href=http://security.debian.org/pool/updates/main/v/vlc/wxvlc_0.8.6-svn20061012.debian-5.1+etch2_all.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/wxvlc_0.8.6-svn20061012.debian-5.1+etch2_all.deb</a> Size/MD5 checksum: 778 6e2045ca43d51b8d8651640405c6e501 alpha architecture (DEC Alpha) <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_alpha.deb</a> Size/MD5 checksum: 13048 2dde2077d6c6b6b62760db79420e1964 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_alpha.deb</a> Size/MD5 checksum: 4442 4efa89adf58bc5b546e6cd039ba09220 <a href=http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_alpha.deb</a> Size/MD5 checksum: 19970 ca201d67fe04a84a6383ccd02bb8b605 <a href=http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_alpha.deb</a> Size/MD5 checksum: 40322 4d0ce0d3d9f6b1915057d78a0785b143 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_alpha.deb</a> Size/MD5 checksum: 5177304 744b30a6fd7ef97b628c552498548497 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_alpha.deb</a> Size/MD5 checksum: 5022 c3b741230821c5d659d1f1266b03aa15 <a href=http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_alpha.deb</a> Size/MD5 checksum: 1157508 c98bf642658359cd96ae1feb1c0f0554 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_alpha.deb</a> Size/MD5 checksum: 1307404 c3d2226ae485e006942fd1f702d02e33 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_alpha.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_alpha.deb</a> Size/MD5 checksum: 6936 602249848f8d85444381ad3b05249c61 amd64 architecture (AMD x86_64 (AMD64)) <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_amd64.deb</a> Size/MD5 checksum: 4186 358a9c42de2f15e0050630ce8db82f49 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_amd64.deb</a> Size/MD5 checksum: 4518 81e7edd9360bc8718f4e50c068aa5e2e <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_amd64.deb</a> Size/MD5 checksum: 1144080 86f1045c52f86d0072e62c7bc4710961 <a href=http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_amd64.deb</a> Size/MD5 checksum: 20190 26a4e777b60bab308122f54a121571ed <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_amd64.deb</a> Size/MD5 checksum: 4665850 754a2eea305e438ca4ea530baccb41f6 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_amd64.deb</a> Size/MD5 checksum: 6052 4761ccae31f7fb91df097ae02d1db13b <a href=http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_amd64.deb</a> Size/MD5 checksum: 36768 15815cd72ec44625960f56121fbdd163 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_amd64.deb</a> Size/MD5 checksum: 11330 19e27b3dcc17d19d40c63a424ffb3b74 <a href=http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_amd64.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_amd64.deb</a> Size/MD5 checksum: 951086 6a43d0f74f693ea25a5e96e76b9cbe5b arm architecture (ARM) <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_arm.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_arm.deb</a> Size/MD5 checksum: 1268066 02da0972696750201f1b4edea59bf902 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_arm.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_arm.deb</a> Size/MD5 checksum: 6102 eb452de9bf1f548170b4d4772f3e1d8c <a href=http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_arm.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_arm.deb</a> Size/MD5 checksum: 20034 1a75d857a80a57042a05da96528947e4 <a href=http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_arm.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_arm.deb</a> Size/MD5 checksum: 33322 d255b25f957424b69cbf3cd14c9f6027 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_arm.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_arm.deb</a> Size/MD5 checksum: 4734674 d80973f148a42666859771092bc66d53 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_arm.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_arm.deb</a> Size/MD5 checksum: 4210 4ca63149485e881e9327b826bd7f4fb7 <a href=http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_arm.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_arm.deb</a> Size/MD5 checksum: 998936 809bafbe7249543ea1dcac9c39e28814 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_arm.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_arm.deb</a> Size/MD5 checksum: 5586 59dbd1c633375ef1ca6bbdd110b32103 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_arm.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_arm.deb</a> Size/MD5 checksum: 10806 7b692bcdb8ba8289a1bf3770f5deb019 hppa architecture (HP PA RISC) <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_hppa.deb</a> Size/MD5 checksum: 13748 024e3a2176324596213dc46604a3544d <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_hppa.deb</a> Size/MD5 checksum: 5231084 ac7073a0035ee2427a9db4b490ea4ee7 <a href=http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_hppa.deb</a> Size/MD5 checksum: 1084424 c8756e64fb1e5e7aaafb78844c698ea8 <a href=http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_hppa.deb</a> Size/MD5 checksum: 46664 2b320178feb2bbbae07659b0999ad728 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_hppa.deb</a> Size/MD5 checksum: 1374206 3a444f5aeebbfe8c0bf3a44351753227 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_hppa.deb</a> Size/MD5 checksum: 6960 d83669890e1a6359a7543c81245558f5 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_hppa.deb</a> Size/MD5 checksum: 5360 fc5f122f3e2e62e56b6d2bca5ceedac5 <a href=http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_hppa.deb</a> Size/MD5 checksum: 20136 8cc0b29360f4c14fe7e6d67dabe6fb6b <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_hppa.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_hppa.deb</a> Size/MD5 checksum: 7792 d5644b71b9d5e0576f465615e19e59cc i386 architecture (Intel ia32) <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_i386.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_i386.deb</a> Size/MD5 checksum: 4106 8c02653af9311594966affefa77a8d1d <a href=http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_i386.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_i386.deb</a> Size/MD5 checksum: 20184 e9561fd52a2621b8aeb90fc2f84952ef <a href=http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_i386.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_i386.deb</a> Size/MD5 checksum: 957988 5e8bfccc97aec6801d4e91f7f79190ad <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-svgalib_0.8.6-svn20061012.debian-5.1+etch2_i386.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-svgalib_0.8.6-svn20061012.debian-5.1+etch2_i386.deb</a> Size/MD5 checksum: 4540 f79b718bb0fb3c959e10a1f0e19c82b2 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_i386.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_i386.deb</a> Size/MD5 checksum: 5844 00dc67fdbfe9757623839055df9da79b <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_i386.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_i386.deb</a> Size/MD5 checksum: 4818 129657185fbe2d7afc776d3081de6d1b <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_i386.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_i386.deb</a> Size/MD5 checksum: 10716 558734e32098ae9dcf9a0e4f8d17b9ad <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_i386.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_i386.deb</a> Size/MD5 checksum: 4626988 2be57767012d22087957e5821fc5f039 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_i386.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_i386.deb</a> Size/MD5 checksum: 1137658 0d1565969274d720665bd260bf985448 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-glide_0.8.6-svn20061012.debian-5.1+etch2_i386.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-glide_0.8.6-svn20061012.debian-5.1+etch2_i386.deb</a> Size/MD5 checksum: 4138 0c4017ad5d34eef96b28cdd24125b7b2 <a href=http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_i386.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_i386.deb</a> Size/MD5 checksum: 36188 a51e365e9eab11dc6495ea638b07ff04 ia64 architecture (Intel ia64) <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_ia64.deb</a> Size/MD5 checksum: 5446 4bd7a8aa9ffdeeb92af617e01f34c8a8 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_ia64.deb</a> Size/MD5 checksum: 1568906 05044a1e508e84db111ee0ee3d85b675 <a href=http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_ia64.deb</a> Size/MD5 checksum: 49108 d9f76b5ab3d4c8e44bae8b9f1bff68f0 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_ia64.deb</a> Size/MD5 checksum: 5904342 16fe4a1010b0195f27eb7b2360269dfd <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_ia64.deb</a> Size/MD5 checksum: 9098 965e4b181f3d9e74279e7156d11988c7 <a href=http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_ia64.deb</a> Size/MD5 checksum: 20132 ec05ce0fa6d022222d2e9f89fc087205 <a href=http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_ia64.deb</a> Size/MD5 checksum: 1459208 3d549b3d18833d33e6cb374aa3b3a3e6 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_ia64.deb</a> Size/MD5 checksum: 6206 774a31208c986344fce6de1e9166e6a3 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_ia64.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_ia64.deb</a> Size/MD5 checksum: 17186 542b1bb71909328529927bcfc3f8bf9f mips architecture (MIPS (Big Endian)) <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_mips.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_mips.deb</a> Size/MD5 checksum: 4992336 567d501ec4e4fabc1abd96c37f72e5c2 <a href=http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_mips.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_mips.deb</a> Size/MD5 checksum: 20048 8b5df3829a534020689e46a1ec9d90ad <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_mips.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_mips.deb</a> Size/MD5 checksum: 4486 03de077e7343083d1acaf68933e50e63 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_mips.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_mips.deb</a> Size/MD5 checksum: 5964 1582ee4ea7a632707b154375b154f589 <a href=http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_mips.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_mips.deb</a> Size/MD5 checksum: 35576 057e1c1e7c3fe40a559412fe0dc15993 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_mips.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_mips.deb</a> Size/MD5 checksum: 1109938 27ecbceeb56f8252169f8cb5a0965bec <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_mips.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_mips.deb</a> Size/MD5 checksum: 12276 f4271076704b885cdba3ddc4ea13af54 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_mips.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_mips.deb</a> Size/MD5 checksum: 6846 0fba8c551a00e996d7180b594d036ce1 <a href=http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_mips.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_mips.deb</a> Size/MD5 checksum: 1005576 cda98754f16880c860ba4dfb0e2f5d84 mipsel architecture (MIPS (Little Endian)) <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_mipsel.deb</a> Size/MD5 checksum: 1005628 cc8284dc0e2c37a8cb8d5f7b3905ab67 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_mipsel.deb</a> Size/MD5 checksum: 11948 f60b93957001af64b98a5ad0711e5cf7 <a href=http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_mipsel.deb</a> Size/MD5 checksum: 34618 13fc079120bae335d89eb33b92f52940 <a href=http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_mipsel.deb</a> Size/MD5 checksum: 20140 70191b75acf2eb4c58c34d1b8be591c1 <a href=http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_mipsel.deb</a> Size/MD5 checksum: 922612 54bfaf3c3eb3b19f0714d8b0de5237b7 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_mipsel.deb</a> Size/MD5 checksum: 5918 8e7edf87b7f3fbbf00286e6fa9c360d3 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_mipsel.deb</a> Size/MD5 checksum: 4480 9fa80f663454ed8fb808849b2290fa1d <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_mipsel.deb</a> Size/MD5 checksum: 4667782 3679f996505b29854f3b03bd13e96b93 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_mipsel.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_mipsel.deb</a> Size/MD5 checksum: 6714 74b0c49a181154ac26d1efed613e4d91 powerpc architecture (PowerPC) <a href=http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_powerpc.deb</a> Size/MD5 checksum: 1020782 e46bfa0668b50ebf34259c7e990276dd <a href=http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_powerpc.deb</a> Size/MD5 checksum: 20196 5e8a83fd4e825527c8be82e0e2a66c74 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_powerpc.deb</a> Size/MD5 checksum: 7976 b55ac0427e5d4d2816fa7b9f15669b3f <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_powerpc.deb</a> Size/MD5 checksum: 5098930 fee368e3868bcad1d587eba8bdb0193e <a href=http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_powerpc.deb</a> Size/MD5 checksum: 38238 af84ad7b77101b7a45462283b455d4c1 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_powerpc.deb</a> Size/MD5 checksum: 6906 cd462e598e15d3f2147eb1eb224679ec <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_powerpc.deb</a> Size/MD5 checksum: 13674 99248778e655e23ffa52ed41a496c9ab <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_powerpc.deb</a> Size/MD5 checksum: 5624 a506a0cb520dd7b9c9bcd1ed999a30ba <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_powerpc.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_powerpc.deb</a> Size/MD5 checksum: 1188886 69ffa9a6f4a0d90e54bf5764974f6035 s390 architecture (IBM S/390) <a href=http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_s390.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_s390.deb</a> Size/MD5 checksum: 20130 bc0e62799b86a7bfbeedfc7864f398d1 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_s390.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_s390.deb</a> Size/MD5 checksum: 1172960 cc56ced14c4ee3d5d22062f93c436329 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_s390.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_s390.deb</a> Size/MD5 checksum: 11412 ea595a287d20d338299f24f710c0573b <a href=http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_s390.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_s390.deb</a> Size/MD5 checksum: 38334 85cd8a72aa36ac5f26be3ee5750d3067 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_s390.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_s390.deb</a> Size/MD5 checksum: 4860002 b89b90d7d86c4a3fcf3dccc078076ccb <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_s390.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_s390.deb</a> Size/MD5 checksum: 6052 e7c83a80acf31a651d52a4d5f5fe7e9a <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_s390.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_s390.deb</a> Size/MD5 checksum: 6324 d55ec88b0ad7f013bfa98092dab0cfcb <a href=http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_s390.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_s390.deb</a> Size/MD5 checksum: 1019244 c251ec27920487c738f8cf066cc68a1e <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_s390.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_s390.deb</a> Size/MD5 checksum: 4298 220d422067ce6afa11b7d9ad59c2d2a9 sparc architecture (Sun SPARC/UltraSPARC) <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-ggi_0.8.6-svn20061012.debian-5.1+etch2_sparc.deb</a> Size/MD5 checksum: 5750 3e7afff7945c3e8c0d47028f796d3db7 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc_0.8.6-svn20061012.debian-5.1+etch2_sparc.deb</a> Size/MD5 checksum: 1189608 98626258ae677dc1377d125d3a9561f6 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-sdl_0.8.6-svn20061012.debian-5.1+etch2_sparc.deb</a> Size/MD5 checksum: 10402 093498ebe1f1cf92c11c14c76e8103a7 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-arts_0.8.6-svn20061012.debian-5.1+etch2_sparc.deb</a> Size/MD5 checksum: 3920 6424651bd9f7e1dc02b32f54405102c6 <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-nox_0.8.6-svn20061012.debian-5.1+etch2_sparc.deb</a> Size/MD5 checksum: 4660246 e140b92e49e8696cf8f8e79fd3602db3 <a href=http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/libvlc0-dev_0.8.6-svn20061012.debian-5.1+etch2_sparc.deb</a> Size/MD5 checksum: 20132 aa1be17dfad7343c6e9f0529994a5780 <a href=http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/mozilla-plugin-vlc_0.8.6-svn20061012.debian-5.1+etch2_sparc.deb</a> Size/MD5 checksum: 33300 a8780853e4bafa376731ba0bca0badbf <a href=http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/vlc-plugin-esd_0.8.6-svn20061012.debian-5.1+etch2_sparc.deb</a> Size/MD5 checksum: 4752 bceca30ee766bad0fad02a43bc869f8a <a href=http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_sparc.deb target=_blank>http://security.debian.org/pool/updates/main/v/vlc/libvlc0_0.8.6-svn20061012.debian-5.1+etch2_sparc.deb</a> Size/MD5 checksum: 950520 02d9f43b9b116abc2836db2bf55cfc64 补丁安装方法: 1. 手工安装补丁包: 首先,使用下面的命令来下载补丁软件: # wget url (url是补丁下载链接地址) 然后,使用下面的命令来安装补丁: # dpkg -i file.deb (file是相应的补丁名) 2. 使用apt-get自动安装补丁包: 首先,使用下面的命令更新内部数据库: # apt-get update 然后,使用下面的命令安装更新软件包: # apt-get upgrade VideoLAN -------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: <a href=http://www.videolan.org/mirror-geo.php?file=vlc/0.8.6f/win32/vlc-0.8.6_f-win32.exe target=_blank>http://www.videolan.org/mirror-geo.php?file=vlc/0.8.6f/win32/vlc-0.8.6_f-win32.exe</a> <a href=http://download.videolan.org/pub/videolan/vlc/0.8.6f/vlc-0.8.6f.tar.gz target=_blank>http://download.videolan.org/pub/videolan/vlc/0.8.6f/vlc-0.8.6f.tar.gz</a> |
| id | SSV:3146 |
| last seen | 2017-11-19 |
| modified | 2008-04-11 |
| published | 2008-04-11 |
| reporter | Root |
| source | https://www.seebug.org/vuldb/ssvid-3146 |
| title | VLC媒体播放器浏览器插件任意文件覆盖漏洞 |
References
- http://mailman.videolan.org/pipermail/vlc-devel/2007-December/037726.html
- http://osvdb.org/42205
- http://osvdb.org/42206
- http://secunia.com/advisories/29284
- http://secunia.com/advisories/29766
- http://www.debian.org/security/2008/dsa-1543
- http://www.gentoo.org/security/en/glsa/glsa-200803-13.xml
- http://www.securityfocus.com/bid/28712
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14619
- https://trac.videolan.org/vlc/changeset/23197
- https://trac.videolan.org/vlc/ticket/1371