Question 1

What is CVE-2008-0984?

Accepted Answer

CVE-2008-0984 is a high-severity software vulnerability (CWE-399) with a CVSS score of 9.3. The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file.

Question 2

Is CVE-2008-0984 being actively exploited?

Accepted Answer

It is not currently in CISA's KEV catalog. Its EPSS exploitation probability is 15%.

Question 3

What products does CVE-2008-0984 affect?

Accepted Answer

Tracked products affected include VLC media player. Check the version you run to see whether it is affected.

Question 4

How do I fix CVE-2008-0984?

Accepted Answer

Apply the vendor fix promptly. Upgrade affected products to a fixed version.

CVE-2008-0984

Summary

Impact & exploitability

Affected products we track (1)

Recommendation

Additional information