|
|||
Rule General Information |
---|
Release Date: | 2017-06-29 | |
Rule Name: | FILE-OTHER Videolan VLC Media Player Parsejss Heap Buffer Overflow Vulnerability (CVE-2017-8311) | |
Severity: | ||
CVE ID: | ||
Rule Protection Details |
---|
Description: | Potential heap based buffer overflow in ParseJSS in VideoLAN VLC before 2.2.5 due to skipping NULL terminator in an input string allows attackers to execute arbitrary code via a crafted subtitles file. | |
Impact: | A buffer overflow vulnerability can be triggered by an attacker in the context of the vulnerable product. Further attacks include arbitrary code execution and denial of service. | |
Affected OS: | Windows | |
Reference: | SecurityFocusBID:98634 |
|
Solutions |
---|
More advisories have been published on the website, please visit for more suggestions: http://git.videolan.org/?p=vlc.git http://www.videolan.org/vlc/releases/2.2.5.html |