Описание
libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries before 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1.3.5-2ubuntu0.1 |
| cosmic | ignored | end of life, was needed |
| devel | not-affected | 1.3.9-2 |
| disco | not-affected | 1.3.6-2 |
| esm-apps/bionic | released | 1.3.5-2ubuntu0.1 |
| esm-apps/xenial | released | 1.3.3-1ubuntu0.1 |
| esm-infra-legacy/trusty | DNE | |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | code not present |
| cosmic | not-affected | code not present |
| devel | not-affected | code not present |
| disco | not-affected | code not present |
| esm-apps/bionic | not-affected | code not present |
| esm-apps/xenial | not-affected | code not present |
| esm-infra-legacy/trusty | DNE | |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE |
Показывать по
4.3 Medium
CVSS2
5.5 Medium
CVSS3
Связанные уязвимости
libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media Player binaries before 3.0.3, has a heap-based buffer over-read in EbmlElement::FindNextElement.
libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media ...
VideoLAN VLC media player 3.0.7.1 has a heap-based buffer over-read in mkv::demux_sys_t::FreeUnused() in modules/demux/mkv/demux.cpp when called from mkv::Open in modules/demux/mkv/mkv.cpp.
Уязвимость функции mkv::demux_sys_t::FreeUnused() библиотеки для обработки видеофайлов libebm медиаплеера VideoLAN Media Player, позволяющая нарушителю получить доступ к защищаемой информации, вызвать отказ в обслуживании или повысить свои привилегии
4.3 Medium
CVSS2
5.5 Medium
CVSS3