VLC media player 3.0.20 and earlier is vulnerable to denial of service through an integer overflow which could be triggered with a maliciously crafted mms stream (heap based overflow). If successful, a malicious third party could trigger either a crash of VLC or an arbitrary code execution with the target user's privileges.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "3.0.21-2", "binary_name": "libvlc-bin" }, { "binary_version": "3.0.21-2", "binary_name": "libvlc-bin-dbgsym" }, { "binary_version": "3.0.21-2", "binary_name": "libvlc-dev" }, { "binary_version": "3.0.21-2", "binary_name": "libvlc5" }, { "binary_version": "3.0.21-2", "binary_name": "libvlc5-dbgsym" }, { "binary_version": "3.0.21-2", "binary_name": "libvlccore-dev" }, { "binary_version": "3.0.21-2", "binary_name": "libvlccore9" }, { "binary_version": "3.0.21-2", "binary_name": "libvlccore9-dbgsym" }, { "binary_version": "3.0.21-2", "binary_name": "vlc" }, { "binary_version": "3.0.21-2", "binary_name": "vlc-bin" }, { "binary_version": "3.0.21-2", "binary_name": "vlc-bin-dbgsym" }, { "binary_version": "3.0.21-2", "binary_name": "vlc-data" }, { "binary_version": "3.0.21-2", "binary_name": "vlc-l10n" }, { "binary_version": "3.0.21-2", "binary_name": "vlc-plugin-access-extra" }, { "binary_version": "3.0.21-2", "binary_name": "vlc-plugin-access-extra-dbgsym" }, { "binary_version": "3.0.21-2", "binary_name": "vlc-plugin-base" }, { "binary_version": "3.0.21-2", "binary_name": "vlc-plugin-base-dbgsym" }, { "binary_version": "3.0.21-2", "binary_name": "vlc-plugin-fluidsynth" }, { "binary_version": "3.0.21-2", "binary_name": "vlc-plugin-fluidsynth-dbgsym" }, { "binary_version": "3.0.21-2", "binary_name": "vlc-plugin-jack" }, { "binary_version": "3.0.21-2", "binary_name": "vlc-plugin-jack-dbgsym" }, { "binary_version": "3.0.21-2", "binary_name": "vlc-plugin-notify" }, { "binary_version": "3.0.21-2", "binary_name": "vlc-plugin-notify-dbgsym" }, { "binary_version": "3.0.21-2", "binary_name": "vlc-plugin-qt" }, { "binary_version": "3.0.21-2", "binary_name": "vlc-plugin-qt-dbgsym" }, { "binary_version": "3.0.21-2", "binary_name": "vlc-plugin-samba" }, { "binary_version": "3.0.21-2", "binary_name": "vlc-plugin-samba-dbgsym" }, { "binary_version": "3.0.21-2", "binary_name": "vlc-plugin-skins2" }, { "binary_version": "3.0.21-2", "binary_name": "vlc-plugin-skins2-dbgsym" }, { "binary_version": "3.0.21-2", "binary_name": "vlc-plugin-svg" }, { "binary_version": "3.0.21-2", "binary_name": "vlc-plugin-svg-dbgsym" }, { "binary_version": "3.0.21-2", "binary_name": "vlc-plugin-video-output" }, { "binary_version": "3.0.21-2", "binary_name": "vlc-plugin-video-output-dbgsym" }, { "binary_version": "3.0.21-2", "binary_name": "vlc-plugin-video-splitter" }, { "binary_version": "3.0.21-2", "binary_name": "vlc-plugin-video-splitter-dbgsym" }, { "binary_version": "3.0.21-2", "binary_name": "vlc-plugin-visualization" }, { "binary_version": "3.0.21-2", "binary_name": "vlc-plugin-visualization-dbgsym" } ] }