USN-4074-1
See a problem?- Source
- https://ubuntu.com/security/notices/USN-4074-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4074-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-4074-1
- Related
- Published
- 2019-07-25T11:57:08.364458Z
- Modified
- 2019-07-25T11:57:08.364458Z
- Summary
- vlc vulnerabilities
- Details
-
It was discovered that the VLC CAF demuxer incorrectly handled certain files. If a user were tricked into opening a specially-crafted CAF file, a remote attacker could use this issue to cause VLC to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-19857)
It was discovered that the VLC Matroska demuxer incorrectly handled certain files. If a user were tricked into opening a specially-crafted MKV file, a remote attacker could use this issue to cause VLC to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2019-12874)
It was discovered that the VLC MP4 demuxer incorrectly handled certain files. If a user were tricked into opening a specially-crafted MP4 file, a remote attacker could use this issue to cause VLC to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2019-13602)
It was discovered that the VLC AVI demuxer incorrectly handled certain files. If a user were tricked into opening a specially-crafted AVI file, a remote attacker could use this issue to cause VLC to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2019-5439)
- References
Affected packages
Ubuntu:18.04:LTS / vlc
Package
- Name
- vlc
- Purl
- pkg:deb/ubuntu/vlc@3.0.7.1-0ubuntu18.04.1?arch=src?distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.7.1-0ubuntu18.04.1
Affected versions
2.*
3.*
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"libvlc5-dbgsym": "3.0.7.1-0ubuntu18.04.1",
"vlc-plugin-video-output": "3.0.7.1-0ubuntu18.04.1",
"vlc-plugin-svg-dbgsym": "3.0.7.1-0ubuntu18.04.1",
"vlc-plugin-notify-dbgsym": "3.0.7.1-0ubuntu18.04.1",
"vlc-plugin-video-output-dbgsym": "3.0.7.1-0ubuntu18.04.1",
"vlc-plugin-fluidsynth": "3.0.7.1-0ubuntu18.04.1",
"vlc-plugin-fluidsynth-dbgsym": "3.0.7.1-0ubuntu18.04.1",
"vlc-plugin-visualization": "3.0.7.1-0ubuntu18.04.1",
"libvlc-bin": "3.0.7.1-0ubuntu18.04.1",
"libvlccore9": "3.0.7.1-0ubuntu18.04.1",
"libvlc-bin-dbgsym": "3.0.7.1-0ubuntu18.04.1",
"vlc-data": "3.0.7.1-0ubuntu18.04.1",
"vlc-plugin-visualization-dbgsym": "3.0.7.1-0ubuntu18.04.1",
"vlc-plugin-video-splitter-dbgsym": "3.0.7.1-0ubuntu18.04.1",
"libvlc-dev": "3.0.7.1-0ubuntu18.04.1",
"vlc-plugin-qt": "3.0.7.1-0ubuntu18.04.1",
"libvlccore9-dbgsym": "3.0.7.1-0ubuntu18.04.1",
"vlc-bin-dbgsym": "3.0.7.1-0ubuntu18.04.1",
"vlc-plugin-base": "3.0.7.1-0ubuntu18.04.1",
"vlc-plugin-skins2": "3.0.7.1-0ubuntu18.04.1",
"vlc": "3.0.7.1-0ubuntu18.04.1",
"vlc-plugin-qt-dbgsym": "3.0.7.1-0ubuntu18.04.1",
"vlc-plugin-zvbi": "3.0.7.1-0ubuntu18.04.1",
"vlc-plugin-access-extra-dbgsym": "3.0.7.1-0ubuntu18.04.1",
"vlc-plugin-jack": "3.0.7.1-0ubuntu18.04.1",
"libvlc5": "3.0.7.1-0ubuntu18.04.1",
"vlc-plugin-samba-dbgsym": "3.0.7.1-0ubuntu18.04.1",
"vlc-bin": "3.0.7.1-0ubuntu18.04.1",
"vlc-plugin-svg": "3.0.7.1-0ubuntu18.04.1",
"vlc-l10n": "3.0.7.1-0ubuntu18.04.1",
"vlc-plugin-access-extra": "3.0.7.1-0ubuntu18.04.1",
"vlc-plugin-jack-dbgsym": "3.0.7.1-0ubuntu18.04.1",
"vlc-plugin-samba": "3.0.7.1-0ubuntu18.04.1",
"vlc-plugin-base-dbgsym": "3.0.7.1-0ubuntu18.04.1",
"vlc-plugin-notify": "3.0.7.1-0ubuntu18.04.1",
"libvlccore-dev": "3.0.7.1-0ubuntu18.04.1",
"vlc-plugin-skins2-dbgsym": "3.0.7.1-0ubuntu18.04.1",
"vlc-plugin-video-splitter": "3.0.7.1-0ubuntu18.04.1"
}
]
}