Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2013-1954

The ASF Demuxer (modules/demux/asf/asf.c) in VideoLAN VLC media player 2.0.5 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ASF movie that triggers an out-of-bounds read.

Related bugs and status

CVE-2013-1954 (Candidate) is related to these bugs:

Bug #1186780: Please update VLC (for security issues)

		In	Importance	Status
1186780	Please update VLC (for security issues)	vlc (Ubuntu)	Undecided	Fix Released
1186780	Please update VLC (for security issues)	vlc (Ubuntu Precise)	Undecided	Fix Released
1186780	Please update VLC (for security issues)	vlc (Ubuntu Quantal)	Undecided	Fix Released
1186780	Please update VLC (for security issues)	vlc (Ubuntu Raring)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://git.videolan.or...
CONFIRM: http://trac.videolan.o...
CONFIRM: http://www.videolan.or...
BID: 57333
OSVDB: 89598
SECUNIA: 59793
MLIST: [oss-security] 2013041...
MLIST: [oss-security] 2013041...
OVAL: oval:org.mitre.oval:de...