Information on source package vlc

Available versions

ReleaseVersion
squeeze1.1.3-1squeeze6
squeeze (security)1.1.3-1squeeze6
wheezy2.0.3-5+deb7u1
wheezy (security)2.0.3-5+deb7u2
jessie2.2.0~rc2-2
sid2.2.0~rc2-2

Open issues

Bugsqueezesqueeze (security)wheezywheezy (security)jessiesidDescription
CVE-2014-9630vulnerablevulnerablevulnerablefixedfixedfixedInvalid memory access in rtp code
CVE-2014-9629vulnerablevulnerablevulnerablefixedfixedfixedinteger overflow with resultant buffer overflow
CVE-2014-9628vulnerablevulnerablevulnerablefixedfixedfixedattacker-triggered zero-size malloc with resultant buffer overflow
CVE-2014-9627vulnerablevulnerablevulnerablefixedfixedfixedinteger truncation on 32-bit platforms
CVE-2014-9626vulnerablevulnerablevulnerablefixedfixedfixedinteger underflow
CVE-2014-9625vulnerablevulnerablefixedfixedfixedfixedBuffer overflow in updater
CVE-2014-6440vulnerablevulnerablefixedfixedfixedfixedHeap Overflow in VLC Transcode Module
CVE-2013-6283vulnerablevulnerablevulnerablevulnerablefixedfixedVideoLAN VLC Media Player 2.0.8 and earlier allows remote attackers to ...
CVE-2013-4388vulnerablevulnerablefixedfixedfixedfixedBuffer overflow in the mp4a packetizer ...
CVE-2013-1954vulnerablevulnerablefixedfixedfixedfixedThe ASF Demuxer (modules/demux/asf/asf.c) in VideoLAN VLC media player ...
CVE-2013-1868vulnerablevulnerablefixedfixedfixedfixedMultiple buffer overflows in VideoLAN VLC media player 2.0.4 and ...
CVE-2012-5470vulnerablevulnerablefixedfixedfixedfixedlibpng_plugin in VideoLAN VLC media player 2.0.3 allows remote ...
CVE-2012-3377vulnerablevulnerablefixedfixedfixedfixedHeap-based buffer overflow in the Ogg_DecodePacket function in the OGG ...
CVE-2012-1776vulnerablevulnerablefixedfixedfixedfixedMultiple heap-based buffer overflows in VideoLAN VLC media player ...
CVE-2012-1775vulnerablevulnerablefixedfixedfixedfixedStack-based buffer overflow in VideoLAN VLC media player before 2.0.1 ...
CVE-2012-0023vulnerablevulnerablefixedfixedfixedfixedDouble free vulnerability in the get_chunk_header function in ...
CVE-2011-2588vulnerablevulnerablefixedfixedfixedfixedHeap-based buffer overflow in the AVI_ChunkRead_strf function in ...
CVE-2011-2587vulnerablevulnerablefixedfixedfixedfixedHeap-based buffer overflow in the DemuxAudioSipr function in real.c in ...
CVE-2011-1087vulnerablevulnerablefixedfixedfixedfixedBuffer overflow in VideoLAN VLC media player 1.0.5 allows ...

Open unimportant issues

Bugsqueezesqueeze (security)wheezywheezy (security)jessiesidDescription
CVE-2014-1684vulnerablevulnerablevulnerablevulnerablefixedfixedThe ASF_ReadObject_file_properties function in ...
CVE-2013-7340vulnerablevulnerablevulnerablevulnerablefixedfixedVideoLAN VLC Media Player before 2.0.7 allows remote attackers to ...
CVE-2013-3565vulnerablevulnerablevulnerablevulnerablefixedfixedXSS in HTTP Interface
CVE-2013-3245vulnerablevulnerablevulnerablevulnerablevulnerablevulnerable** DISPUTED ** plugins/demux/libmkv_plugin.dll in VideoLAN VLC Media ...
CVE-2012-5855vulnerablevulnerablevulnerablevulnerablevulnerablevulnerableThe SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and ...
CVE-2012-2396vulnerablevulnerablevulnerablevulnerablevulnerablevulnerableVideoLAN VLC media player 2.0.1 allows remote attackers to cause a ...

Resolved issues

BugDescription
CVE-2014-3441codec\libpng_plugin.dll in VideoLAN VLC Media Player 2.1.3 allows ...
CVE-2013-6934The parseRTSPRequestString function in Live Networks Live555 Streaming ...
CVE-2013-6933The parseRTSPRequestString function in Live Networks Live555 Streaming ...
CVE-2012-0904VLC media player 1.1.11 allows remote attackers to cause a denial of ...
CVE-2011-3623Multiple stack-based buffer overflows in VideoLAN VLC media player ...
CVE-2011-2194Integer overflow in the XSPF playlist parser in VideoLAN VLC media ...
CVE-2011-1684Heap-based buffer overflow in the MP4_ReadBox_skcr function in ...
CVE-2011-0531demux/mkv/mkv.hpp in the MKV demuxer plugin in VideoLAN VLC media ...
CVE-2011-0522The StripTags function in (1) the USF decoder ...
CVE-2011-0021Multiple heap-based buffer overflows in cdg.c in the CDG decoder in ...
CVE-2010-3907Multiple integer overflows in real.c in the Real demuxer plugin in ...
CVE-2010-3276libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows ...
CVE-2010-3275libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows ...
CVE-2010-3124Untrusted search path vulnerability in bin/winvlc.c in VLC Media ...
CVE-2010-2937The ReadMetaFromId3v2 function in taglib.cpp in the TagLib plugin in ...
CVE-2010-2062Integer underflow in the real_get_rdt_chunk function in real.c, as ...
CVE-2010-1445Heap-based buffer overflow in VideoLAN VLC media player before 1.0.6 ...
CVE-2010-1444The ZIP archive decompressor in VideoLAN VLC media player before 1.0.6 ...
CVE-2010-1443The parse_track_node function in modules/demux/playlist/xspf.c in the ...
CVE-2010-1442VideoLAN VLC media player before 1.0.6 allows remote attackers to ...
CVE-2010-1441Multiple heap-based buffer overflows in VideoLAN VLC media player ...
CVE-2010-0364Stack-based buffer overflow in VideoLAN VLC Media Player 0.8.6 allows ...
CVE-2009-2484Stack-based buffer overflow in the Win32AddConnection function in ...
CVE-2009-1274Integer overflow in the qt_error parse_trak_atom function in ...
CVE-2009-1045requests/status.xml in VLC 0.9.8a allows remote attackers to cause a ...
CVE-2009-0698Integer overflow in the 4xm demuxer (demuxers/demux_4xm.c) in xine-lib ...
CVE-2008-5276Integer overflow in the ReadRealIndex function in real.c in the Real ...
CVE-2008-5248xine-lib before 1.1.15 allows remote attackers to cause a denial of ...
CVE-2008-5246Multiple heap-based buffer overflows in xine-lib before 1.1.15 allow ...
CVE-2008-5235Heap-based buffer overflow in the demux_real_send_chunk function in ...
CVE-2008-5233xine-lib 1.1.12, and other versions before 1.1.15, does not check for ...
CVE-2008-5036Stack-based buffer overflow in VideoLAN VLC media player 0.9.x before ...
CVE-2008-5032Stack-based buffer overflow in VideoLAN VLC media player 0.5.0 through ...
CVE-2008-4686Multiple integer overflows in ty.c in the TY demux plugin (aka the ...
CVE-2008-4654Stack-based buffer overflow in the parse_master function in the Ty ...
CVE-2008-4558Array index error in VLC media player 0.9.2 allows remote attackers to ...
CVE-2008-3794Integer signedness error in the mms_ReceiveCommand function in ...
CVE-2008-3732Integer overflow in the Open function in modules/demux/tta.c in VLC ...
CVE-2008-2430Integer overflow in the Open function in modules/demux/wav.c in VLC ...
CVE-2008-2147Untrusted search path vulnerability in VideoLAN VLC before 0.9.0 ...
CVE-2008-1881Stack-based buffer overflow in the ParseSSA function ...
CVE-2008-1769VLC before 0.8.6f allow remote attackers to cause a denial of service ...
CVE-2008-1768Multiple integer overflows in VLC before 0.8.6f allow remote attackers ...
CVE-2008-1489Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c for VLC ...
CVE-2008-0984The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as ...
CVE-2008-0296Heap-based buffer overflow in the libaccess_realrtsp plugin in ...
CVE-2008-0295Heap-based buffer overflow in modules/access/rtsp/real_sdpplin.c in ...
CVE-2008-0073Array index error in the sdpplin_parse function in ...
CVE-2007-6684The RTSP module in VideoLAN VLC 0.8.6d allows remote attackers to ...
CVE-2007-6683The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to ...
CVE-2007-6682Format string vulnerability in the httpd_FileCallBack function ...
CVE-2007-6681Stack-based buffer overflow in modules/demux/subtitle.c in VideoLAN ...
CVE-2007-6262A certain ActiveX control in axvlc.dll in VideoLAN VLC 0.8.6 before ...
CVE-2007-3468input.c in VideoLAN VLC Media Player before 0.8.6c allows remote ...
CVE-2007-3467Integer overflow in the __status_Update function in stats.c VideoLAN ...
CVE-2007-3316Multiple format string vulnerabilities in plugins in VideoLAN VLC ...
CVE-2007-0256VideoLAN VLC 0.8.6a allows remote attackers to cause a denial of ...
CVE-2007-0017Multiple format string vulnerabilities in (1) the cdio_log_handler ...
CVE-2006-1664Buffer overflow in xine_list_delete_current in libxine 1.14 and ...
CVE-2005-4048Heap-based buffer overflow in the avcodec_default_get_buffer function ...
CVE-2004-1476Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib ...
CVE-2004-1475Multiple stack-based buffer overflows in xine-lib 1-rc2 through 1-rc5 ...
CVE-2004-1455Stack-based buffer overflow in Xine-lib-rc5 in xine-lib 1_rc5-r2 and ...
CVE-2004-1300Buffer overflow in the open_aiff_file function in demux_aiff.c for ...

Security announcements

DSA / DLADescription
DSA-3156-1liblivemedia - security update
DSA-3150-1vlc - security update
DSA-2973-1vlc - security update
DSA-2257-1vlc - buffer overflow
DSA-2218-1vlc - heap-based buffer overflow
DSA-2218-1vlc - heap-based buffer overflow
DSA-2211-1vlc - missing input sanitising
DSA-2211-1vlc - missing input sanitising
DSA-2159-1vlc - missing input sanitising
DSA-2043-1vlc - arbitrary code execution
DSA-1819-1vlc - several vulnerabilities
DSA-1543-1vlc - several vulnerabilities
DSA-1332-1vlc
DSA-1332-1vlc
DSA-1252-1vlc
DSA-1252-1vlc
DSA-1004-1vlc - buffer overflow
DSA-1004-1vlc - buffer overflow

Search for package or bug name: Reporting problems