{"id":"DEBIAN-CVE-2008-5032","details":"Stack-based buffer overflow in VideoLAN VLC media player 0.5.0 through 0.9.5 might allow user-assisted attackers to execute arbitrary code via the header of an invalid CUE image file, related to modules/access/vcd/cdrom.c.  NOTE: this identifier originally included an issue related to RealText, but that issue has been assigned a separate identifier, CVE-2008-5036.","modified":"2025-11-19T02:04:39.281708Z","published":"2008-11-10T16:15:12.157Z","upstream":["CVE-2008-5032"],"references":[{"type":"ADVISORY","url":"https://security-tracker.debian.org/tracker/CVE-2008-5032"}],"affected":[{"package":{"name":"vlc","ecosystem":"Debian:11","purl":"pkg:deb/debian/vlc?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.8.6.h-5"}]}],"ecosystem_specific":{"urgency":"medium"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2008-5032.json"}},{"package":{"name":"vlc","ecosystem":"Debian:12","purl":"pkg:deb/debian/vlc?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.8.6.h-5"}]}],"ecosystem_specific":{"urgency":"medium"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2008-5032.json"}},{"package":{"name":"vlc","ecosystem":"Debian:13","purl":"pkg:deb/debian/vlc?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.8.6.h-5"}]}],"ecosystem_specific":{"urgency":"medium"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2008-5032.json"}},{"package":{"name":"vlc","ecosystem":"Debian:14","purl":"pkg:deb/debian/vlc?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.8.6.h-5"}]}],"ecosystem_specific":{"urgency":"medium"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2008-5032.json"}}],"schema_version":"1.7.3"}