Lucene search
CheckpointCVELIST:CVE-2017-8312HistoryMay 23, 2017 - 9:00 p.m.
CVE-2017-8312
2017-05-2321:00:00
checkpoint
www.cve.org
Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing check of string length allows attackers to read heap uninitialized data via a crafted subtitles file.
CNA Affected
[
{
"product": "VLC",
"vendor": "VideoLAN",
"versions": [
{
"status": "affected",
"version": "All"
}
]
}
]References
git.videolan.org/?p=vlc.git%3Ba=blobdiff%3Bf=modules/demux/subtitle.c%3Bh=5e4fcdb7f25b2819f5441156c7c0ea2a7d112ca3%3Bhp=2a75fbfb7c3f56b24b2e4498bbb8fe0aa2575974%3Bhb=611398fc8d32f3fe4331f60b220c52ba3557beaa%3Bhpb=075bc7169b05b004fa0250e4a4ce5516b05487a9
www.debian.org/security/2017/dsa-3899
www.securityfocus.com/bid/98631
security.gentoo.org/glsa/201707-10
Related
cve
cve
CVE-2017-8312
2017-05-23 21:29:00
nvd
nvd
CVE-2017-8312
2017-05-23 21:29:00
prion
prion
Heap overflow
2017-05-23 21:29:00
ubuntucve
ubuntucve
CVE-2017-8312
2017-05-23 00:00:00
debiancve
debiancve
CVE-2017-8312
2017-05-23 21:29:00
archlinux
archlinux
[ASA-201706-1] vlc: multiple issues
2017-06-01 00:00:00
kaspersky
kaspersky
KLA11023 Multiple vulnerabilities in VideoLAN VLC Media Player
2017-05-23 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-3899-1)
2017-06-26 00:00:00
VLC Media Player Subtitle Remote Code Execution Vulnerability - Mac OS X
2017-05-24 00:00:00
VLC Media Player Subtitle Remote Code Execution Vulnerability - Windows
2017-05-24 00:00:00
osv
osv
vlc - security update
2017-06-27 00:00:00
nessus
nessus
Debian DSA-3899-1 : vlc - security update
2017-06-28 00:00:00
GLSA-201707-10 : VLC: Multiple vulnerabilities
2017-07-10 00:00:00
gentoo
gentoo
VLC: Multiple vulnerabilities
2017-07-08 00:00:00
debian
debian
[SECURITY] [DSA 3899-1] vlc security update
2017-06-27 09:22:29
[SECURITY] [DSA 3899-1] vlc security update
2017-06-27 09:22:29
threatpost
threatpost
Subtitle Hack Leaves 200 Million Vulnerable to Remote Code Execution
2017-05-23 17:33:18