VLC Arbitrary memory overwrite in the MP4 demuxer
Bug #195949 reported by
Emanuele Gentili
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
vlc (Ubuntu) |
Fix Released
|
Medium
|
Mario Limonciello | ||
Dapper |
Fix Released
|
Medium
|
Emanuele Gentili | ||
Edgy |
Fix Released
|
Medium
|
Emanuele Gentili | ||
Feisty |
Fix Released
|
Medium
|
Emanuele Gentili | ||
Gutsy |
Fix Released
|
Medium
|
Emanuele Gentili | ||
Hardy |
Fix Released
|
Medium
|
Mario Limonciello |
Bug Description
Binary package hint: vlc
VLC media player's MPEG-4 file format parser (a.k.a. the MP4 demuxer) suffers from an arbitrary memory overwrite vulnerability when using specially crafted (invalid) MP4 input files.
If successful, a malicious third party could trigger execution of arbitrary code within the context of the VLC media player, or otherwise crash the player instance.
Changed in vlc: | |
assignee: | nobody → emgent |
importance: | Undecided → Medium |
status: | New → In Progress |
Changed in vlc: | |
assignee: | nobody → emgent |
importance: | Undecided → Medium |
assignee: | nobody → emgent |
importance: | Undecided → Medium |
assignee: | nobody → emgent |
importance: | Undecided → Medium |
assignee: | nobody → emgent |
importance: | Undecided → Medium |
Changed in vlc: | |
status: | New → In Progress |
status: | New → In Progress |
status: | New → In Progress |
status: | New → In Progress |
To post a comment you must log in.
added ubuntu- universe- sponsor for upload this fix in hardy.
now working to gutsy.