CVE-2017-8310 - log back

CVE-2017-8310 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Local
Type
+ Denial of service
Description
+ Heap out-of-bound read in CreateHtmlSubtitle in VideoLAN VLC 2.2.x due to missing check of string termination allows attackers to read data beyond allocated memory and potentially crash the process (causing a denial of service) via a crafted subtitles file.
References
+ http://git.videolan.org/?p=vlc/vlc-2.2.git;a=commitdiff;h=7cac839692ab79dbfe5e4ebd4c4e37d9a8b1b328
Notes