Candidate: CVE-2014-6440
PublicDate: 2017-03-28 15:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6440
 https://marc.info/?l=oss-security&m=142553869106649&w=2
Description:
 VideoLAN VLC media player before 2.1.5 allows remote attackers to execute
 arbitrary code or cause a denial of service.
Ubuntu-Description:
Notes:
 tyhicks> See oss-security thread for links to backported fixes
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL]

Patches_vlc:
upstream_vlc: released (2.1.5-1)
lucid_vlc: ignored (reached end-of-life)
precise_vlc: ignored (reached end-of-life)
precise/esm_vlc: DNE (precise was needed)
trusty_vlc: released (2.1.6-0ubuntu14.04.1)
trusty/esm_vlc: DNE (trusty was released [2.1.6-0ubuntu14.04.1])
utopic_vlc: not-affected (2.2.0~pre2-4build1)
vivid_vlc: not-affected
vivid/stable-phone-overlay_vlc: DNE
vivid/ubuntu-core_vlc: DNE
wily_vlc: not-affected
xenial_vlc: not-affected
yakkety_vlc: not-affected
zesty_vlc: not-affected
devel_vlc: not-affected