FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-25 11:22:49 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
a0a4e24c-4760-11e5-9391-3c970e169bc2	vlc -- arbitrary pointer dereference vulnerability oCERT reports: The stable VLC version suffers from an arbitrary pointer dereference vulnerability. The vulnerability affects the 3GP file format parser, insufficient restrictions on a writable buffer can be exploited to execute arbitrary code via the heap memory. A specific 3GP file can be crafted to trigger the vulnerability. Credit: vulnerability reported by Loren Maggiore of Trail of Bits. Discovery 2015-08-20 Entry 2015-08-20 vlc < 2.2.1_5,4 CVE-2015-5949 https://git.videolan.org/?p=vlc/vlc-2.2.git;a=commitdiff;h=ce91452460a75d7424b165c4dc8db98114c3cbd9;hp=9e12195d3e4316278af1fa4bcb6a705ff27456fd https://www.ocert.org/advisories/ocert-2015-009.html

VuXML ID

Description

a0a4e24c-4760-11e5-9391-3c970e169bc2

vlc -- arbitrary pointer dereference vulnerability

oCERT reports:

The stable VLC version suffers from an arbitrary pointer dereference vulnerability.

The vulnerability affects the 3GP file format parser, insufficient restrictions on a writable buffer can be exploited to execute arbitrary code via the heap memory. A specific 3GP file can be crafted to trigger the vulnerability.

Credit: vulnerability reported by Loren Maggiore of Trail of Bits.

Discovery 2015-08-20
Entry 2015-08-20
vlc

< 2.2.1_5,4

CVE-2015-5949
https://git.videolan.org/?p=vlc/vlc-2.2.git;a=commitdiff;h=ce91452460a75d7424b165c4dc8db98114c3cbd9;hp=9e12195d3e4316278af1fa4bcb6a705ff27456fd
https://www.ocert.org/advisories/ocert-2015-009.html