CVE-2016-5108

Properties

Published:
07.06.2016
Updated:
11.06.2016
Patch available:
Severity:
High
CVSS vector:
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Product:
debian: debian_linux

Vulnerability description

Buffer overflow in the DecodeAdpcmImaQT function in modules/codec/adpcm.c in VideoLAN VLC media player before 2.2.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted QuickTime IMA file.

References:

CONFIRM: http://www.videolan.org/security/sa1601.html
SECTRACK: http://www.securitytracker.com/id/1036009
DEBIAN: http://www.debian.org/security/2016/dsa-3598