AVG-533

Package vlc
Status Fixed
Severity Critical
Type arbitrary code execution
Affected 2.2.6-5
Fixed 2.2.7-1
Current 3.0.7.1-1 [extra]
Ticket None
Created Thu Nov 30 17:59:59 2017
Issue Severity Remote Type Description
CVE-2017-10699 Critical Yes Arbitrary code execution
It was discovered that avcodec 2.2.x, as used in VideoLAN VLC media player before 2.2.7, allows out-of-bounds heap memory write due to calling memcpy() with...
CVE-2017-9300 High Yes Arbitrary code execution
It was discovered that plugins\codec\libflac_plugin.so in VideoLAN VLC media player before 2.2.7 allows remote attackers to cause a heap corruption and...
Date Advisory Package Description
07 Dec 2017 ASA-201712-4 vlc arbitrary code execution