CVE-2017-8310
- Source
- https://cve.org/CVERecord?id=CVE-2017-8310
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-8310.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2017-8310
- Downstream
- Published
- 2017-05-23T21:29:00.180Z
- Modified
- 2026-04-02T00:17:37.099403Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Heap out-of-bound read in CreateHtmlSubtitle in VideoLAN VLC 2.2.x due to missing check of string termination allows attackers to read data beyond allocated memory and potentially crash the process (causing a denial of service) via a crafted subtitles file.
- References
-
- http://git.videolan.org/?p=vlc/vlc-2.2.git%3Ba=blobdiff%3Bf=modules/codec/subsdec.c%3Bh=addd8c71f30d53558fffd19059b374be45cf0f8e%3Bhp=1b4276e299a2a6668047231d29ac705ae93076ba%3Bhb=7cac839692ab79dbfe5e4ebd4c4e37d9a8b1b328%3Bhpb=3477dba3d506de8d95bccef2c6b67861188f6c29
- https://security.gentoo.org/glsa/201707-10
- http://www.debian.org/security/2017/dsa-3899
- http://www.securityfocus.com/bid/98638
Affected packages
Git / github.com/videolan/vlc-3.0
Affected versions
0.*
0.1.99e
0.2.70
0.2.72
0.2.73
0.2.81
0.2.83
0.2.91
0.2.92
0.3.0
0.3.1
0.4.0
0.4.1
0.4.2
0.4.3
0.4.4
0.4.5
0.4.6
0.4.6.1
0.5.0
0.5.1
0.5.2
0.5.3
0.6.0
0.6.1
0.6.2
0.7.0
0.7.1
0.7.2
0.8.0
0.8.1
0.8.2
0.8.4
0.9.0
0.9.0-test0
0.9.0-test1
0.9.0-test2
0.9.0-test3
1.*
1.0.0-pre1
1.0.0-pre2
1.0.0-rc1
1.1.0-ff
1.1.0-pre1
1.2.0-pre1
1.3.0-git
2.*
2.1.0-git
2.2.0-git
Other
svn-trunk
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-8310.json"
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.2.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.2.2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.2.3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.2.4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.2.5"
}
]
}
]