Package vlc updated to version 2.2.4-alt1 for branch p8 in task 166765.

Published: 2016-06-08

BDU:2019-03987

Уязвимость функции DecodeAdpcmImaQT (modules/codec/adpcm.c) программы-медиапроигрывателя VideoLAN VLC, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании

Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

CVE-2016-5108

Published: 2016-06-08
Modified: 2024-11-21

CVE-2016-5108

Buffer overflow in the DecodeAdpcmImaQT function in modules/codec/adpcm.c in VideoLAN VLC media player before 2.2.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted QuickTime IMA file.

Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

openSUSE-SU-2016:1651
openSUSE-SU-2016:1651
DSA-3598
DSA-3598
90924
90924
1036009
1036009
http://www.videolan.org/security/sa1601.html
http://www.videolan.org/security/sa1601.html
GLSA-201701-39
GLSA-201701-39

Version: 2.1.0

Package vlc update in p8 on 2016-07-08

ALT-PU-2016-1730-1

Closed vulnerabilities

BDU:2019-03987

CVE-2016-5108