---

CVE-2017-9300 - log back

CVE-2017-9300 created at 25 Sep 2019 19:31:40
Severity	+ High
Remote	+ Remote
Type	+ Arbitrary code execution
Description	+ It was discovered that plugins\codec\libflac_plugin.so in VideoLAN VLC media player before 2.2.7 allows remote attackers to cause a heap corruption and application crash leading to denial of service or possibly execution of arbitrary code via a crafted FLAC file.
References	+ https://git.videolan.org/?p=vlc/vlc-2.2.git;a=commitdiff;h=55a82442cfea9dab8b853f3a4610f2880c5fadf3
Notes