CVE-2017-8312 log

Source
Severity Medium
Remote No
Type Denial of service
Description
Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing check of string length allows attackers to read heap uninitialized data via a crafted subtitles file.
Group Package Affected Fixed Severity Status Ticket
AVG-283 vlc 2.2.4-9 2.2.6-1 High Fixed FS#54194
Date Advisory Group Package Severity Description
01 Jun 2017 ASA-201706-1 AVG-283 vlc High multiple issues
References
http://git.videolan.org/?p=vlc.git;a=commitdiff;h=611398fc8d32f3fe4331f60b220c52ba3557beaa