CVE-2017-8311 log
Source |
|
Severity | High |
Remote | No |
Type | Arbitrary code execution |
Description | Potential heap based buffer overflow in ParseJSS in VideoLAN VLC before 2.2.5 due to skipping NULL terminator in an input string allows attackers to execute arbitrary code via a crafted subtitles file. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-283 | vlc | 2.2.4-9 | 2.2.6-1 | High | Fixed | FS#54194 |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
01 Jun 2017 | ASA-201706-1 | AVG-283 | vlc | High | multiple issues |
References |
---|
http://git.videolan.org/?p=vlc.git;a=commitdiff;h=775de716add17322f24b476439f903a829446eb6 |