Candidate: CVE-2013-4388
PublicDate: 2013-10-11 22:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4388
 http://git.videolan.org/?p=vlc.git;a=commitdiff;h=9794ec1cd268c04c8bca13a5fae15df6594dff3e
Description:
 Buffer overflow in the mp4a packetizer (modules/packetizer/mpeg4audio.c) in
 VideoLAN VLC Media Player before 2.0.8 allows remote attackers to cause a
 denial of service (crash) and possibly execute arbitrary code via
 unspecified vectors.
Ubuntu-Description:
Notes:
 seth-arnold> Despite version number claim in the description, the releases before
  trusty are still affected and require an update
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_vlc:
upstream_vlc: needs-triage
lucid_vlc: ignored (reached end-of-life)
precise_vlc: ignored (reached end-of-life)
precise/esm_vlc: DNE (precise was needed)
quantal_vlc: ignored (reached end-of-life)
raring_vlc: ignored (reached end-of-life)
saucy_vlc: ignored (reached end-of-life)
trusty_vlc: not-affected (2.1.1-1)
trusty/esm_vlc: DNE (trusty was not-affected [2.1.1-1])
utopic_vlc: not-affected (2.1.1-1)
vivid_vlc: not-affected (2.1.1-1)
vivid/stable-phone-overlay_vlc: DNE
vivid/ubuntu-core_vlc: DNE
wily_vlc: not-affected (2.1.1-1)
xenial_vlc: not-affected (2.1.1-1)
yakkety_vlc: not-affected (2.1.1-1)
zesty_vlc: not-affected (2.1.1-1)
devel_vlc: not-affected (2.1.1-1)