Launchpad CVE tracker

CVE 2016-5108

Buffer overflow in the DecodeAdpcmImaQT function in modules/codec/adpcm.c in VideoLAN VLC media player before 2.2.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted QuickTime IMA file.

Related bugs and status

CVE-2016-5108 (Candidate) is related to these bugs:

Bug #1579935: [SRU] Update to bug-fix release 2.2.8 in Xenial

Summary				In	Importance	Status
	1579935	[SRU] Update to bug-fix release 2.2.8 in Xenial		vlc (Ubuntu)	Medium	Fix Released
	1579935	[SRU] Update to bug-fix release 2.2.8 in Xenial		vlc (Ubuntu Xenial)	Medium	Confirmed

Bug #1693893: Fix out-of-bounds read, potential heap buffer overflow, and other CVEs

		In	Importance	Status
1693893	Fix out-of-bounds read, potential heap buffer overflow, and other CVEs	vlc (Ubuntu)	Undecided	Fix Released
1693893	Fix out-of-bounds read, potential heap buffer overflow, and other CVEs	vlc (Ubuntu Zesty)	Undecided	Fix Released
1693893	Fix out-of-bounds read, potential heap buffer overflow, and other CVEs	vlc (Ubuntu Xenial)	Undecided	Fix Released
1693893	Fix out-of-bounds read, potential heap buffer overflow, and other CVEs	vlc (Ubuntu Artful)	Undecided	Fix Released
1693893	Fix out-of-bounds read, potential heap buffer overflow, and other CVEs	vlc (Ubuntu Trusty)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://www.videolan.or...
DEBIAN: DSA-3598
SECTRACK: 1036009
SUSE: openSUSE-SU-2016:1651
BID: 90924
GENTOO: GLSA-201701-39

Launchpad.net

CVE 2016-5108

Related bugs and status

Related bugs

References