CVE-2011-0531
Priority
Medium
Description
demux/mkv/mkv.hpp in the MKV demuxer plugin in VideoLAN VLC media player
1.1.6.1 and earlier allows remote attackers to cause a denial of service
(crash) and execute arbitrary commands via a crafted MKV (WebM or Matroska)
file that triggers memory corruption, related to "class mismatching" and
the MKV_IS_ID macro.
1.1.6.1 and earlier allows remote attackers to cause a denial of service
(crash) and execute arbitrary commands via a crafted MKV (WebM or Matroska)
file that triggers memory corruption, related to "class mismatching" and
the MKV_IS_ID macro.
Assigned-to
bdrung
Package
| Upstream: | released (1.1.7-1) |
| Ubuntu 8.04 LTS (Hardy Heron): | ignored (reached end-of-life) |
| Ubuntu 10.04 LTS (Lucid Lynx): | released (1.0.6-1ubuntu1.5) |
| Ubuntu 11.04 (Natty Narwhal): | not-affected (1.1.7-1ubuntu1) |
| Ubuntu 11.10 (Oneiric Ocelot): | not-affected (1.1.7-1ubuntu1) |
Patches:
| Patch: | http://git.videolan.org/?p=vlc.git;a=commit;h=59491dcedffbf97612d2c572943b56ee4289dd07 |
| Debdiff: | https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/714089 |