O'Reilly logo

A Bug Hunter's Diary by Tobias Klein

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

2.5 Addendum

Note

Monday, October 20, 2008

Since the vulnerability was fixed and a new version of VLC is now available, I released a detailed security advisory on my website (Figure 2-10 shows the timeline).[21] The bug was assigned CVE-2008-4654.

Note

According to the documentation provided by MITRE,[22] Common Vulnerabilities and Exposures Identifiers (also called CVE names, CVE numbers, CVE-IDs, and CVEs) are “unique, common identifiers for publicly known information security vulnerabilities.”

Timeline of the vulnerability

Figure 2-10. Timeline of the vulnerability

Note

Monday, January 5, 2009

In reaction to the bug and my detailed advisory, I got a lot of mail with various questions ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required