AVG-283 log
| Package | vlc |
| Status | Fixed |
| Severity | High |
| Type | multiple issues |
| Affected | 2.2.4-9 |
| Fixed | 2.2.6-1 |
| Current | 3.0.21-30 [extra] |
| Ticket | FS#54194 |
| Created | Tue May 30 21:26:17 2017 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2017-8312 | Medium | No | Denial of service | Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing check of string length allows attackers to read heap uninitialized data via a crafted... |
| CVE-2017-8311 | High | No | Arbitrary code execution | Potential heap based buffer overflow in ParseJSS in VideoLAN VLC before 2.2.5 due to skipping NULL terminator in an input string allows attackers to execute... |
| CVE-2017-8310 | Medium | No | Denial of service | Heap out-of-bound read in CreateHtmlSubtitle in VideoLAN VLC 2.2.x due to missing check of string termination allows attackers to read data beyond allocated... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 01 Jun 2017 | ASA-201706-1 | vlc | multiple issues |