CVE-2017-9300 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	Yes
Type	Arbitrary code execution
Description	It was discovered that plugins\codec\libflac_plugin.so in VideoLAN VLC media player before 2.2.7 allows remote attackers to cause a heap corruption and application crash leading to denial of service or possibly execution of arbitrary code via a crafted FLAC file.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-533	vlc	2.2.6-5	2.2.7-1	Critical	Fixed

Date	Advisory	Group	Package	Severity	Type
07 Dec 2017	ASA-201712-4	AVG-533	vlc	Critical	arbitrary code execution

References
https://git.videolan.org/?p=vlc/vlc-2.2.git;a=commitdiff;h=55a82442cfea9dab8b853f3a4610f2880c5fadf3