Debian Vlc vulnerabilities
141 known vulnerabilities affecting debian/vlc.
Total CVEs: 141
CISA KEV: 0
Public exploits: 41
Exploited in wild: 0
Severity breakdown: CRITICAL 14, HIGH 44, MEDIUM 41, LOW 42
Vulnerabilities
Page 3 of 8
CVE-2017-17670 | HIGH | CVSS 8.8 | fixed in vlc 3.0.0~rc2-1 (bookworm) | 2017
In VideoLAN VLC media player through 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to an invalid free, because the type of a box may be changed between a read operation and a free operation.
Scope: local
bookworm: resolved (fixed in 3.0.0~rc2-1)
bullseye: resolved (fixed in 3.0.0~rc2-1)
forky: resolved (fixe
CVE-2017-8311 | HIGH | CVSS 7.8 | PoC | fixed in vlc 2.2.5-1 (bookworm) | 2017
Potential heap-based buffer overflow in ParseJSS in VideoLAN VLC before 2.2.5 due to skipping the NULL terminator in an input string allows attackers to execute arbitrary code via a crafted subtitles file.
Scope: local
bookworm: resolved (fixed in 2.2.5-1)
bullseye: resolved (fixed in 2.2.5-1)
forky: resolved (fixed in 2.2.5-1)
sid: resolved (fixed in 2.2.5-1)
trixie: resolve
CVE-2017-9301 | HIGH | CVSS 7.8 | fixed in vlc 2.2.5.1-1 (bookworm) | 2017
plugins\audio_filter\libmpgatofixed32_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote attackers to cause a denial of service (invalid read and application crash) or possibly have unspecified other impact via a crafted file.
Scope: local
bookworm: resolved (fixed in 2.2.5.1-1)
bullseye: resolved (fixed in 2.2.5.1-1)
forky: resolved (fixed in 2.2.5.1-1)
sid: res
CVE-2017-9300 | HIGH | CVSS 7.8 | fixed in vlc 2.2.6-3 (bookworm) | 2017
plugins\codec\libflac_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a crafted FLAC file.
Scope: local
bookworm: resolved (fixed in 2.2.6-3)
bullseye: resolved (fixed in 2.2.6-3)
forky: resolved (fixed in 2.2.6-3)
sid: resolved (fixed i
CVE-2017-8313 | MEDIUM | CVSS 5.5 | fixed in vlc 2.2.5-1 (bookworm) | 2017
Heap out-of-bound read in ParseJSS in VideoLAN VLC before 2.2.5 due to missing check of string termination allows attackers to read data beyond allocated memory and potentially crash the process via a crafted subtitles file.
Scope: local
bookworm: resolved (fixed in 2.2.5-1)
bullseye: resolved (fixed in 2.2.5-1)
forky: resolved (fixed in 2.2.5-1)
sid: resolved (fixed in
CVE-2017-8310 | MEDIUM | CVSS 5.5 | fixed in vlc 2.2.5.1-1~deb9u1 (bookworm) | 2017
Heap out-of-bound read in CreateHtmlSubtitle in VideoLAN VLC 2.2.x due to missing check of string termination allows attackers to read data beyond allocated memory and potentially crash the process (causing a denial of service) via a crafted subtitles file.
Scope: local
bookworm: resolved (fixed in 2.2.5.1-1~deb9u1)
bullseye: resolved (fixed in 2.2.5.1-1~deb9u1)
forky:
CVE-2017-8312 | MEDIUM | CVSS 5.5 | fixed in vlc 2.2.6-1~deb9u1 (bookworm) | 2017
Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing check of string length allows attackers to read heap uninitialized data via a crafted subtitles file.
Scope: local
bookworm: resolved (fixed in 2.2.6-1~deb9u1)
bullseye: resolved (fixed in 2.2.6-1~deb9u1)
forky: resolved (fixed in 2.2.6-1~deb9u1)
sid: resolved (fixed in 2.2.6-1~deb9u1)
trixie: resolved (f
CVE-2016-5108 | CRITICAL | CVSS 9.8 | PoC | fixed in vlc 2.2.3-2 (bookworm) | 2016
Buffer overflow in the DecodeAdpcmImaQT function in modules/codec/adpcm.c in VideoLAN VLC media player before 2.2.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted QuickTime IMA file.
Scope: local
bookworm: resolved (fixed in 2.2.3-2)
bullseye: resolved (fixed in 2.2.3-2)
forky: resolved (fixed in 2.2.3-2)
CVE-2016-3941 | MEDIUM | CVSS 5.5 | fixed in vlc 2.2.0-1 (bookworm) | 2016
Buffer overflow in the AStreamPeekStream function in input/stream.c in VideoLAN VLC media player before 2.2.0 allows remote attackers to cause a denial of service (crash) via a crafted wav file, related to "seek across EOF."
Scope: local
bookworm: resolved (fixed in 2.2.0-1)
bullseye: resolved (fixed in 2.2.0-1)
forky: resolved (fixed in 2.2.0-1)
sid: resolved (fixed in
CVE-2015-5949 | MEDIUM | CVSS 6.8 | fixed in vlc 2.2.1-3 (bookworm) | 2015
VideoLAN VLC media player 2.2.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP file, which triggers the freeing of arbitrary pointers.
Scope: local
bookworm: resolved (fixed in 2.2.1-3)
bullseye: resolved (fixed in 2.2.1-3)
forky: resolved (fixed in 2.2.1-3)
sid: resolved (fixed in 2.2.1-3)
trixie: reso
CVE-2014-9628 | HIGH | CVSS 7.8 | fixed in vlc 2.2.0~rc2-2 (bookworm) | 2014
The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to trigger an unintended zero-size malloc and conduct buffer overflow attacks, and consequently execute arbitrary code, via a box size of 7.
Scope: local
bookworm: resolved (fixed in 2.2.0~rc2-2)
bullseye: resolved (fixed in 2.2.0~rc2-2)
forky: r
CVE-2014-9630 | HIGH | CVSS 7.8 | fixed in vlc 2.2.0~rc2-2 (bookworm) | 2014
The rtp_packetize_xiph_config function in modules/stream_out/rtpfmt.c in VideoLAN VLC media player before 2.1.6 uses a stack-allocation approach with a size determined by arbitrary input data, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted length value.
Scope: local
bookworm: resolved
CVE-2014-9626 | HIGH | CVSS 7.8 | fixed in vlc 2.2.0~rc2-2 (bookworm) | 2014
Integer underflow in the MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a box size less than 7.
Scope: local
bookworm: resolved (fixed in 2.2.0~rc2-2)
bullseye: resolved (fixed in 2.2.0~rc2-2)
forky: resolved (fixed in 2.2
CVE-2014-9627 | HIGH | CVSS 7.8 | fixed in vlc 2.2.0~rc2-2 (bookworm) | 2014
The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large box size.
Scope: local
bookworm: resolved (fixed in 2.2.0~rc2-2)
bullseye: re
CVE-2014-9629 | HIGH | CVSS 7.8 | fixed in vlc 2.2.0~rc2-2 (bookworm) | 2014
Integer overflow in the Encode function in modules/codec/schroedinger.c in VideoLAN VLC media player before 2.1.6 and 2.2.x before 2.2.1 allows remote attackers to conduct buffer overflow attacks and execute arbitrary code via a crafted length value.
Scope: local
bookworm: resolved (fixed in 2.2.0~rc2-2)
bullseye: resolved (fixed in 2.2.0~rc2-2)
forky: resolved (fixed in
CVE-2014-9743 | MEDIUM | CVSS 4.3 | fixed in vlc 2.2.0~rc2-1 (bookworm) | 2014
Cross-site scripting (XSS) vulnerability in the httpd_HtmlError function in network/httpd.c in the web interface in VideoLAN VLC Media Player before 2.2.0 allows remote attackers to inject arbitrary web script or HTML via the path info.
Scope: local
bookworm: resolved (fixed in 2.2.0~rc2-1)
bullseye: resolved (fixed in 2.2.0~rc2-1)
forky: resolved (fixed in 2.2.0~rc2-1)
CVE-2014-6440 | LOW (summary line: CRITICAL) | CVSS 9.8 | fixed in vlc 2.1.5-1 (bookworm) | 2014
VideoLAN VLC media player before 2.1.5 allows remote attackers to execute arbitrary code or cause a denial of service.
Scope: local
bookworm: resolved (fixed in 2.1.5-1)
bullseye: resolved (fixed in 2.1.5-1)
forky: resolved (fixed in 2.1.5-1)
sid: resolved (fixed in 2.1.5-1)
trixie: resolved (fixed in 2.1.5-1)
CVE-2014-1684 | LOW (summary line: MEDIUM) | CVSS 4.3 | PoC | fixed in vlc 2.1.4-1 (bookworm) | 2014
The ASF_ReadObject_file_properties function in modules/demux/asf/libasf.c in the ASF Demuxer in VideoLAN VLC Media Player before 2.1.3 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a zero minimum and maximum data packet size in an ASF file.
Scope: local
bookworm: resolved (fixed in 2.1.4-1)
bullseye: resolved (fixed in 2.1.4-1
CVE-2014-9625 | LOW (summary line: HIGH) | CVSS 7.8 | 2014
The GetUpdateFile function in misc/update.c in the Updater in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to conduct buffer overflow attacks and execute arbitrary code via a crafted update status file, aka an "integer truncation" vulnerability.
Scope: local
bookworm: r
CVE-2014-3441 | LOW (summary line: MEDIUM) | CVSS 4.3 | PoC | 2014
codec\libpng_plugin.dll in VideoLAN VLC Media Player 2.1.3 allows remote attackers to cause a denial of service (crash) via a crafted .png file, as demonstrated by a png in a .wave file.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved