Information on source package vlc

Available versions

ReleaseVersion
squeeze, squeeze1.1.3-1squeeze6
wheezy2.0.3-5
jessie, sid2.1.2-2

Open issues

BugsqueezewheezyjessiesidDescription
CVE-2011-1087vulnerablefixedfixedfixedBuffer overflow in VideoLAN VLC media player 1.0.5 allows ...
CVE-2011-2587vulnerablefixedfixedfixedHeap-based buffer overflow in the DemuxAudioSipr function in real.c in ...
CVE-2011-2588vulnerablefixedfixedfixedHeap-based buffer overflow in the AVI_ChunkRead_strf function in ...
CVE-2012-0023vulnerablefixedfixedfixedDouble free vulnerability in the get_chunk_header function in ...
CVE-2012-1775vulnerablefixedfixedfixedStack-based buffer overflow in VideoLAN VLC media player before 2.0.1 ...
CVE-2012-1776vulnerablefixedfixedfixedMultiple heap-based buffer overflows in VideoLAN VLC media player ...
CVE-2012-3377vulnerablefixedfixedfixedHeap-based buffer overflow in the Ogg_DecodePacket function in the OGG ...
CVE-2012-5470vulnerablefixedfixedfixedlibpng_plugin in VideoLAN VLC media player 2.0.3 allows remote ...
CVE-2013-1868vulnerablevulnerablefixedfixedMultiple buffer overflows in VideoLAN VLC media player 2.0.4 and ...
CVE-2013-1954vulnerablevulnerablefixedfixedThe ASF Demuxer (modules/demux/asf/asf.c) in VideoLAN VLC media player ...
CVE-2013-4388vulnerablevulnerablefixedfixedBuffer overflow in the mp4a packetizer ...
CVE-2013-6283vulnerablevulnerablefixedfixedVideoLAN VLC Media Player 2.0.8 and earlier allows remote attackers to ...
CVE-2013-6933fixedvulnerablevulnerablevulnerableThe parseRTSPRequestString function in Live Networks Live555 Streaming ...

Open unimportant issues

BugsqueezewheezyjessiesidDescription
CVE-2012-2396vulnerablevulnerablevulnerablevulnerableVideoLAN VLC media player 2.0.1 allows remote attackers to cause a ...
CVE-2012-5855vulnerablevulnerablevulnerablevulnerableThe SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and ...
CVE-2013-3245vulnerablevulnerablevulnerablevulnerable** DISPUTED ** plugins/demux/libmkv_plugin.dll in VideoLAN VLC Media ...
CVE-2013-3565vulnerablevulnerablefixedfixedXSS in HTTP Interface
CVE-2013-7340vulnerablevulnerablevulnerablevulnerableVideoLAN VLC Media Player before 2.0.7 allows remote attackers to ...
CVE-2014-1684vulnerablevulnerablevulnerablevulnerableThe ASF_ReadObject_file_properties function in ...

Resolved issues

BugDescription
CVE-2004-1300Buffer overflow in the open_aiff_file function in demux_aiff.c for ...
CVE-2004-1455Stack-based buffer overflow in Xine-lib-rc5 in xine-lib 1_rc5-r2 and ...
CVE-2004-1475Multiple stack-based buffer overflows in xine-lib 1-rc2 through 1-rc5 ...
CVE-2004-1476Stack-based buffer overflow in the VideoCD (VCD) code in xine-lib ...
CVE-2005-4048Heap-based buffer overflow in the avcodec_default_get_buffer function ...
CVE-2006-1664Buffer overflow in xine_list_delete_current in libxine 1.14 and ...
CVE-2007-0017Multiple format string vulnerabilities in (1) the cdio_log_handler ...
CVE-2007-0256VideoLAN VLC 0.8.6a allows remote attackers to cause a denial of ...
CVE-2007-3316Multiple format string vulnerabilities in plugins in VideoLAN VLC ...
CVE-2007-3467Integer overflow in the __status_Update function in stats.c VideoLAN ...
CVE-2007-3468input.c in VideoLAN VLC Media Player before 0.8.6c allows remote ...
CVE-2007-6262A certain ActiveX control in axvlc.dll in VideoLAN VLC 0.8.6 before ...
CVE-2007-6681Stack-based buffer overflow in modules/demux/subtitle.c in VideoLAN ...
CVE-2007-6682Format string vulnerability in the httpd_FileCallBack function ...
CVE-2007-6683The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to ...
CVE-2007-6684The RTSP module in VideoLAN VLC 0.8.6d allows remote attackers to ...
CVE-2008-0073Array index error in the sdpplin_parse function in ...
CVE-2008-0295Heap-based buffer overflow in modules/access/rtsp/real_sdpplin.c in ...
CVE-2008-0296Heap-based buffer overflow in the libaccess_realrtsp plugin in ...
CVE-2008-0984The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as ...
CVE-2008-1489Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c for VLC ...
CVE-2008-1768Multiple integer overflows in VLC before 0.8.6f allow remote attackers ...
CVE-2008-1769VLC before 0.8.6f allow remote attackers to cause a denial of service ...
CVE-2008-1881Stack-based buffer overflow in the ParseSSA function ...
CVE-2008-2147Untrusted search path vulnerability in VideoLAN VLC before 0.9.0 ...
CVE-2008-2430Integer overflow in the Open function in modules/demux/wav.c in VLC ...
CVE-2008-3732Integer overflow in the Open function in modules/demux/tta.c in VLC ...
CVE-2008-3794Integer signedness error in the mms_ReceiveCommand function in ...
CVE-2008-4558Array index error in VLC media player 0.9.2 allows remote attackers to ...
CVE-2008-4654Stack-based buffer overflow in the parse_master function in the Ty ...
CVE-2008-4686Multiple integer overflows in ty.c in the TY demux plugin (aka the ...
CVE-2008-5032Stack-based buffer overflow in VideoLAN VLC media player 0.5.0 through ...
CVE-2008-5036Stack-based buffer overflow in VideoLAN VLC media player 0.9.x before ...
CVE-2008-5233xine-lib 1.1.12, and other versions before 1.1.15, does not check for ...
CVE-2008-5235Heap-based buffer overflow in the demux_real_send_chunk function in ...
CVE-2008-5246Multiple heap-based buffer overflows in xine-lib before 1.1.15 allow ...
CVE-2008-5248xine-lib before 1.1.15 allows remote attackers to cause a denial of ...
CVE-2008-5276Integer overflow in the ReadRealIndex function in real.c in the Real ...
CVE-2009-0698Integer overflow in the 4xm demuxer (demuxers/demux_4xm.c) in xine-lib ...
CVE-2009-1045requests/status.xml in VLC 0.9.8a allows remote attackers to cause a ...
CVE-2009-1274Integer overflow in the qt_error parse_trak_atom function in ...
CVE-2009-2484Stack-based buffer overflow in the Win32AddConnection function in ...
CVE-2010-0364Stack-based buffer overflow in VideoLAN VLC Media Player 0.8.6 allows ...
CVE-2010-1441Heap buffer overflow vulnerability in A/52, DTS and MPEG Audio decoders
CVE-2010-1442Invalid memory access in AVI, ASF, Matroska (MKV) demuxers
CVE-2010-1443Invalid memory access in XSPF playlist parser
CVE-2010-1444Invalid memory access in ZIP archive decompressor
CVE-2010-1445Heap buffer overflow in RTMP access
CVE-2010-2062VLC: integer underflow in Real RTSP
CVE-2010-2937The ReadMetaFromId3v2 function in taglib.cpp in the TagLib plugin in ...
CVE-2010-3124Untrusted search path vulnerability in bin/winvlc.c in VLC Media ...
CVE-2010-3275libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows ...
CVE-2010-3276libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows ...
CVE-2010-3907Multiple integer overflows in real.c in the Real demuxer plugin in ...
CVE-2011-0021Multiple heap-based buffer overflows in cdg.c in the CDG decoder in ...
CVE-2011-0522The StripTags function in (1) the USF decoder ...
CVE-2011-0531demux/mkv/mkv.hpp in the MKV demuxer plugin in VideoLAN VLC media ...
CVE-2011-1684Heap-based buffer overflow in the MP4_ReadBox_skcr function in ...
CVE-2011-2194Integer overflow in the XSPF playlist parser in VideoLAN VLC media ...
CVE-2011-3623media-video/vlc-1.0.2: Multiple stack-based buffer overflows in ASF, AVI, MP4 demuxers
CVE-2012-0904VLC media player 1.1.11 allows remote attackers to cause a denial of ...
CVE-2013-6934The parseRTSPRequestString function in Live Networks Live555 Streaming ...

Security announcements

DSADescription
DSA-2257-1vlc - buffer overflow
DSA-2218-1vlc - heap-based buffer overflow
DSA-2218-1vlc - heap-based buffer overflow
DSA-2211-1vlc - missing input sanitising
DSA-2211-1vlc - missing input sanitising
DSA-2159-1vlc - missing input sanitising
DSA-2043-1vlc - arbitrary code execution
DSA-1819-1vlc - several vulnerabilities
DSA-1543-1vlc - several vulnerabilities
DSA-1332-1vlc
DSA-1332-1vlc
DSA-1252-1vlc
DSA-1252-1vlc
DSA-1004-1vlc - buffer overflow
DSA-1004-1vlc - buffer overflow

Search for package or bug name: Reporting problems

Home - Testing Security Team - Debian Security - Source (SVN)