Heap overflow in MP4 demuxer
Bug #756368 reported by
Rémi Denis-Courmont
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
VLC media player |
Fix Released
|
Critical
|
Rémi Denis-Courmont | ||
1.0-bugfix |
Fix Released
|
Undecided
|
Unassigned | ||
vlc (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Lucid |
Fix Released
|
Undecided
|
Unassigned | ||
Maverick |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
visibility: | private → public |
Changed in vlc: | |
milestone: | none → 1.1.9 |
importance: | Undecided → Critical |
assignee: | nobody → Rémi Denis-Courmont (rdenis) |
status: | New → Fix Released |
To post a comment you must log in.
This bug was fixed in the package vlc - 1.1.4-1ubuntu1.5
---------------
vlc (1.1.4-1ubuntu1.5) maverick-security; urgency=low
* SECURITY UPDATE: arbitrary code execution via crafted width patches/ CVE-2010- 327x.patch: limit video size to 8192x8192 in video_output/ video_output. c. patches/ CVE-2011- 1684.patch: fix buffer overflow in demux/mp4/ libmp4. c.
- debian/
src/
- CVE-2010-3275
- CVE-2010-3276
* SECURITY UPDATE: arbitrary code execution via mp4 file (LP: #756368)
- debian/
modules/
- CVE-2011-1684
-- Marc Deslauriers <email address hidden> Wed, 13 Apr 2011 23:21:01 -0400