Candidate: CVE-2011-2194
PublicDate: 2011-06-24 20:55:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2194
 http://www.videolan.org/security/sa1104.html
Description:
 Integer overflow in the XSPF playlist parser in VideoLAN VLC media player
 0.8.5 through 1.1.9 allows remote attackers to cause a denial of service
 (crash) and possibly execute arbitrary code via unspecified vectors that
 trigger a heap-based buffer overflow.
Ubuntu-Description: 
Notes: 
Bugs: 
Priority: medium
Discovered-by:
Assigned-to: 
CVSS: 

Patches_vlc:
 upstream: http://repo.or.cz/w/vlc.git/commitdiff/cd929923ff49175a501bb3e9553a683bc42ff61c
upstream_vlc: released (1.1.10)
hardy_vlc: ignored (reached end-of-life)
lucid_vlc: released (1.0.6-1ubuntu1.7)
maverick_vlc: released (1.1.4-1ubuntu1.6)
natty_vlc: released (1.1.9-1ubuntu1.1)
devel_vlc: not-affected (1.1.10-1ubuntu1)