AVG-283 log
Package | vlc |
Status | Fixed |
Severity | High |
Type | multiple issues |
Affected | 2.2.4-9 |
Fixed | 2.2.6-1 |
Current | 3.0.21-6 [extra] |
Ticket | FS#54194 |
Created | Tue May 30 21:26:17 2017 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2017-8312 | Medium | No | Denial of service | Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing check of string length allows attackers to read heap uninitialized data via a crafted... |
CVE-2017-8311 | High | No | Arbitrary code execution | Potential heap based buffer overflow in ParseJSS in VideoLAN VLC before 2.2.5 due to skipping NULL terminator in an input string allows attackers to execute... |
CVE-2017-8310 | Medium | No | Denial of service | Heap out-of-bound read in CreateHtmlSubtitle in VideoLAN VLC 2.2.x due to missing check of string termination allows attackers to read data beyond allocated... |
Date | Advisory | Package | Type |
---|---|---|---|
01 Jun 2017 | ASA-201706-1 | vlc | multiple issues |