2014-04-29
ALT-BU-2014-2740-1
Branch c7 update bulletin.
Closed vulnerabilities
Published: 2014-03-03
BDU:2019-03979
Уязвимость функции ASF_ReadObject_file_properties (modules/demux/asf/libasf.c) программы-медиапроигрывателя VideoLAN VLC, позволяющая нарушителю вызвать отказ в обслуживании
Severity: LOW (3.7)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
References:
Published: 2014-03-03
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2014-1684
The ASF_ReadObject_file_properties function in modules/demux/asf/libasf.c in the ASF Demuxer in VideoLAN VLC Media Player before 2.1.3 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a zero minimum and maximum data packet size in an ASF file.
Severity: MEDIUM (4.3)
References:
- http://git.videolan.org/gitweb.cgi/vlc.git/?p=vlc.git%3Ba=commitdiff%3Bh=98787d0843612271e99d62bee0dfd8197f0cf404
- http://git.videolan.org/gitweb.cgi/vlc.git/?p=vlc.git%3Ba=commitdiff%3Bh=98787d0843612271e99d62bee0dfd8197f0cf404
- http://www.elsherei.com/?p=269
- http://www.elsherei.com/?p=269
- GLSA-201603-08
- GLSA-201603-08
- https://trac.videolan.org/vlc/ticket/10482
- https://trac.videolan.org/vlc/ticket/10482