*** This bug is a security vulnerability ***

Public security bug reported:

plugins\codec\libflac_plugin.dll in VideoLAN VLC media player 2.2.4 allows
remote attackers to cause a denial of service (heap corruption and
application crash) or possibly have unspecified other impact via a crafted
FLAC file.

This is tracked in CVE-2017-9300.

** Affects: vlc (Ubuntu)
     Importance: Undecided
         Status: New

** Information type changed from Public to Public Security

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-9300

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1709420

Title:
  flac: Fix heap write overflow on frame format change

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/1709420/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to