Package vlc updated to version 3.0.7-alt1 for branch sisyphus in task 231805.

Published: 2019-06-13
Modified: 2024-11-21

CVE-2019-5439

A Buffer Overflow in VLC Media Player < 3.0.7 causes a crash which can possibly be further developed into a remote code execution exploit.

Severity: MEDIUM (6.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Published: 2019-07-31
Modified: 2024-11-21

CVE-2019-5459

An Integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-band read.

Severity: HIGH (7.1) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

References:

Published: 2019-07-31
Modified: 2024-11-21

Double Free in VLC versions <= 3.0.6 leads to a crash.

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References:

Version: 2.1.0