- Status Closed
- Percent Complete
- Task Type Security Issue
- Category Any
-
Assigned To
Emulatorman - Operating System All
- Severity Critical
- Priority Very High
- Reported Version Any
- Due in Version Starfix
-
Due Date
Undecided
- Votes
- Private
Attached to Project: Packages
Opened by Emulatorman - 28/09/2018
Last edited by Emulatorman - 29/09/2018
Opened by Emulatorman - 28/09/2018
Last edited by Emulatorman - 29/09/2018
FS#1206 - [vlc] CVE-2017-17670
Description:
- In VideoLAN VLC media player through 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation.
Additional info:
* package version(s)
- 2.2.6-1.hyperbola1
* config and/or log files etc.
- None
Steps to reproduce:
- Run VLC
Loading...
Available keyboard shortcuts
- Alt + ⇧ Shift + l Login Dialog / Logout
- Alt + ⇧ Shift + a Add new task
- Alt + ⇧ Shift + m My searches
- Alt + ⇧ Shift + t focus taskid search
Tasklist
- o open selected task
- j move cursor down
- k move cursor up
Task Details
- n Next task
- p Previous task
- Alt + ⇧ Shift + e ↵ Enter Edit this task
- Alt + ⇧ Shift + w watch task
- Alt + ⇧ Shift + y Close Task
Task Editing
- Alt + ⇧ Shift + s save task