Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DLA-3679-1:D0708
HistoryNov 30, 2023 - 11:55 p.m.

[SECURITY] [DLA 3679-1] vlc security update

2023-11-3023:55:58
lists.debian.org
6
cve-2023-47359
heap buffer overflow
cve-2023-47360
mmsh module
debian lts
integer underflow
security update
vlc

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

37.6%

JSON

Debian LTS Advisory DLA-3679-1 [email protected]
https://www.debian.org/lts/security/ Adrian Bunk
November 30, 2023 https://wiki.debian.org/LTS

Package : vlc
Version : 3.0.20-0+deb10u1
CVE ID : CVE-2023-47359 CVE-2023-47360

Two vulnerabilities in the MMS over HTTP protocol have been fixed in the
VLC media player, which has also been upgraded to the latest upstream version.

CVE-2023-47359

Heap buffer overflow in the MMSH module.

CVE-2023-47360

Integer underflow in the MMSH module.

For Debian 10 buster, these problems have been fixed in version
3.0.20-0+deb10u1.

We recommend that you upgrade your vlc packages.

For the detailed security status of vlc please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/vlc

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

OSVersionArchitecturePackageVersionFilename
Debian12ppc64elvlc-plugin-svg< 3.0.20-0+deb12u1vlc-plugin-svg_3.0.20-0+deb12u1_ppc64el.deb
Debian12arm64libvlccore-dev< 3.0.20-0+deb12u1libvlccore-dev_3.0.20-0+deb12u1_arm64.deb
Debian12armhfvlc-plugin-video-output-dbgsym< 3.0.20-0+deb12u1vlc-plugin-video-output-dbgsym_3.0.20-0+deb12u1_armhf.deb
Debian11s390xvlc-plugin-visualization< 3.0.20-0+deb11u1vlc-plugin-visualization_3.0.20-0+deb11u1_s390x.deb
Debian12armhfvlc< 3.0.20-0+deb12u1vlc_3.0.20-0+deb12u1_armhf.deb
Debian11amd64vlc-plugin-skins2-dbgsym< 3.0.20-0+deb11u1vlc-plugin-skins2-dbgsym_3.0.20-0+deb11u1_amd64.deb
Debian11arm64vlc< 3.0.20-0+deb11u1vlc_3.0.20-0+deb11u1_arm64.deb
Debian12amd64vlc-plugin-qt-dbgsym< 3.0.20-0+deb12u1vlc-plugin-qt-dbgsym_3.0.20-0+deb12u1_amd64.deb
Debian12amd64vlc-plugin-visualization-dbgsym< 3.0.20-0+deb12u1vlc-plugin-visualization-dbgsym_3.0.20-0+deb12u1_amd64.deb
Debian12i386vlc-bin-dbgsym< 3.0.20-0+deb12u1vlc-bin-dbgsym_3.0.20-0+deb12u1_i386.deb
Rows per page:
1-10 of 7191

Related

osv 3
mageia 1
nessus 3
redos 1
openvas 4
ubuntu 1
prion 2
debiancve 2
ubuntucve 2
cvelist 2
veracode 2
nvd 2
cve 2
osv
osv
vlc - security update
2023-11-02 00:00:00
vlc - security update
2023-11-30 00:00:00
vlc vulnerabilities
2024-05-22 18:06:30
mageia
mageia
Updated vlc packages fix security vulnerabilities
2024-01-15 01:23:43
nessus
nessus
VLC < 3.0.20 Multiple Vulnerabilities
2024-04-15 00:00:00
Debian DLA-3679-1 : vlc - LTS security update
2023-12-01 00:00:00
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.10 : VLC vulnerabilities (USN-6783-1)
2024-05-23 00:00:00
redos
redos
ROS-20231115-02
2023-11-15 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-3679-1)
2023-12-01 00:00:00
Debian: Security Advisory (DSA-5545-1)
2023-11-03 00:00:00
Ubuntu: Security Advisory (USN-6783-1)
2024-05-24 00:00:00
ubuntu
ubuntu
VLC vulnerabilities
2024-05-22 00:00:00
prion
prion
Integer overflow
2023-11-07 16:15:00
Heap overflow
2023-11-07 16:15:00
debiancve
debiancve
CVE-2023-47360
2023-11-07 16:15:29
CVE-2023-47359
2023-11-07 16:15:29
ubuntucve
ubuntucve
CVE-2023-47359
2023-11-07 00:00:00
CVE-2023-47360
2023-11-07 00:00:00
cvelist
cvelist
CVE-2023-47359
2023-11-07 00:00:00
CVE-2023-47360
2023-11-07 00:00:00
veracode
veracode
Buffer Overflows
2023-11-09 14:08:09
Buffer Overflows
2023-11-09 14:12:37
nvd
nvd
CVE-2023-47360
2023-11-07 16:15:29
CVE-2023-47359
2023-11-07 16:15:29
cve
cve
CVE-2023-47359
2023-11-07 16:15:29
CVE-2023-47360
2023-11-07 16:15:29

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

37.6%

JSON
Related for DEBIAN:DLA-3679-1:D0708
osv3mageia1nessus3redos1openvas4ubuntu1prion2debiancve2ubuntucve2cvelist2veracode2nvd2cve2