CVE-2020-26664 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	No
Type	Arbitrary code execution
Description	A vulnerability in EbmlTypeDispatcher::send in VideoLAN VLC media player 3.0.11 allows attackers to trigger a heap-based buffer overflow via a crafted .mkv file. It is fixed in version 3.0.12.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1423	vlc	3.0.11.1-6	3.0.12-1	Medium	Fixed

Date	Advisory	Group	Package	Severity	Type
20 Jan 2021	ASA-202101-35	AVG-1423	vlc	Medium	arbitrary code execution

References
https://gist.githubusercontent.com/henices/db11664dd45b9f322f8514d182aef5ea/raw/d56940c8bf211992bf4f3309a85bb2b69383e511/CVE-2020-26664.txt https://code.videolan.org/videolan/vlc-3.0/-/commit/ec1f55ee9ace5cc675395a1bc9700d99679e7e8c

References

https://gist.githubusercontent.com/henices/db11664dd45b9f322f8514d182aef5ea/raw/d56940c8bf211992bf4f3309a85bb2b69383e511/CVE-2020-26664.txt
https://code.videolan.org/videolan/vlc-3.0/-/commit/ec1f55ee9ace5cc675395a1bc9700d99679e7e8c