Launchpad CVE tracker

CVE 2017-8312

Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing check of string length allows attackers to read heap uninitialized data via a crafted subtitles file.

Related bugs and status

CVE-2017-8312 (Candidate) is related to these bugs:

Bug #1693893: Fix out-of-bounds read, potential heap buffer overflow, and other CVEs

		In	Importance	Status
1693893	Fix out-of-bounds read, potential heap buffer overflow, and other CVEs	vlc (Ubuntu)	Undecided	Fix Released
1693893	Fix out-of-bounds read, potential heap buffer overflow, and other CVEs	vlc (Ubuntu Zesty)	Undecided	Fix Released
1693893	Fix out-of-bounds read, potential heap buffer overflow, and other CVEs	vlc (Ubuntu Xenial)	Undecided	Fix Released
1693893	Fix out-of-bounds read, potential heap buffer overflow, and other CVEs	vlc (Ubuntu Artful)	Undecided	Fix Released
1693893	Fix out-of-bounds read, potential heap buffer overflow, and other CVEs	vlc (Ubuntu Trusty)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://git.videolan.or...
GENTOO: GLSA-201707-10
BID: 98631
DEBIAN: DSA-3899

Launchpad.net

CVE 2017-8312

Related bugs and status

Related bugs

References