CVE-2017-8311 log

Source
Severity High
Remote No
Type Arbitrary code execution
Description
Potential heap based buffer overflow in ParseJSS in VideoLAN VLC before 2.2.5 due to skipping NULL terminator in an input string allows attackers to execute arbitrary code via a crafted subtitles file.
Group Package Affected Fixed Severity Status Ticket
AVG-283 vlc 2.2.4-9 2.2.6-1 High Fixed FS#54194
Date Advisory Group Package Severity Description
01 Jun 2017 ASA-201706-1 AVG-283 vlc High multiple issues
References
http://git.videolan.org/?p=vlc.git;a=commitdiff;h=775de716add17322f24b476439f903a829446eb6