CVE-2007-0017

Name	CVE-2007-0017
Description	Multiple format string vulnerabilities in (1) the cdio_log_handler function in modules/access/cdda/access.c in the CDDA (libcdda_plugin) plugin, and the (2) cdio_log_handler and (3) vcd_log_handler functions in modules/access/vcdx/access.c in the VCDX (libvcdx_plugin) plugin, in VideoLAN VLC 0.7.0 through 0.8.6 allow user-assisted remote attackers to execute arbitrary code via format string specifiers in an invalid URI, as demonstrated by a udp://-- URI in an M3U file.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DSA-1252-1
Debian Bugs	405425

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
vlc (PTS)	jessie, jessie (lts)	2.2.7-1~deb8u1	fixed
	stretch (security)	3.0.12-0+deb9u1	fixed
	stretch (lts), stretch	3.0.21-0+deb9u1	fixed
	buster, buster (lts)	3.0.21-0+deb10u1	fixed
	buster (security)	3.0.20-0+deb10u1	fixed
	bullseye (security), bullseye	3.0.21-0+deb11u1	fixed
	bookworm (security), bookworm	3.0.21-0+deb12u1	fixed
	sid, trixie	3.0.21-2	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
vlc	source	sarge	0.8.1.svn20050314-1sarge2		DSA-1252-1
vlc	source	etch	0.8.6-svn20061012.debian-3		DSA-1252-1
vlc	source	(unstable)	0.8.6-svn20061012.debian-1.2	medium		405425