Note:
This project will be discontinued after December 13, 2021. [more]
2016-06-08
Buffer overflow in the DecodeAdpcmImaQT function in modules/codec/adpcm.c in VideoLAN VLC media player before 2.2.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted QuickTime IMA file.
Products | Debian_linux, Vlc_media_player |
Type | Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) |
First patch |
https://git.videolan.org/git/vlc.git/458ed62bbeb9d1bddf7b8df104e14936408a3db9 |
Relevant file/s | ./modules/codec/adpcm.c (modified, +6) |
Links |
• http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00045.html
• https://security.gentoo.org/glsa/201701-39 • http://www.securitytracker.com/id/1036009 • http://www.securityfocus.com/bid/90924 • http://www.debian.org/security/2016/dsa-3598 |
Navigation
Patch data:
Patched area:
(on by default)
Patched area: