Potential heap based buffer overflow in ParseJSS in VideoLAN VLC before 2.2.5 due to skipping NULL terminator in an input string allows attackers to execute arbitrary code via a crafted subtitles file.
References
Configurations
History
07 Nov 2023, 02:50
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2017-05-23 21:29
Updated : 2024-02-28 16:04
NVD link : CVE-2017-8311
Mitre link : CVE-2017-8311
CVE.ORG link : CVE-2017-8311
JSON object : View
Products Affected
videolan
- vlc_media_player
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer