Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2017-8311

Опубликовано: 23 мая 2017
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.8
CVSS3: 7.8

Описание

Potential heap based buffer overflow in ParseJSS in VideoLAN VLC before 2.2.5 due to skipping NULL terminator in an input string allows attackers to execute arbitrary code via a crafted subtitles file.

РелизСтатусПримечание
devel

not-affected

esm-apps/xenial

released

2.2.2-5ubuntu0.16.04.3
esm-infra-legacy/trusty

DNE

trusty/esm was not-affected [2.1.6-0ubuntu14.04.3]
precise/esm

DNE

trusty

released

2.1.6-0ubuntu14.04.3
trusty/esm

released

2.1.6-0ubuntu14.04.3
upstream

needs-triage

vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

xenial

released

2.2.2-5ubuntu0.16.04.3

Показывать по

Ссылки на источники

EPSS

Процентиль: 92%
0.0789
Низкий

6.8 Medium

CVSS2

7.8 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2017-8311

CVSS3: 7.8
nvd
больше 8 лет назад

Potential heap based buffer overflow in ParseJSS in VideoLAN VLC before 2.2.5 due to skipping NULL terminator in an input string allows attackers to execute arbitrary code via a crafted subtitles file.

debian логотип

CVE-2017-8311

CVSS3: 7.8
debian
больше 8 лет назад

Potential heap based buffer overflow in ParseJSS in VideoLAN VLC befor ...

github логотип

GHSA-h3gx-7f25-5jxg

CVSS3: 7.8
github
больше 3 лет назад

Potential heap based buffer overflow in ParseJSS in VideoLAN VLC before 2.2.5 due to skipping NULL terminator in an input string allows attackers to execute arbitrary code via a crafted subtitles file.

EPSS

Процентиль: 92%
0.0789
Низкий

6.8 Medium

CVSS2

7.8 High

CVSS3