Bug#458318: Three security issues in vlc

Stefan Fritsch sf at sfritsch.de
Sun Dec 30 10:56:22 UTC 2007

Package: vlc
Version: 0.8.6.c-4
Severity: grave
Tags: security
Justification: user security hole

These pages


describe a security issue which allows to write to arbitrary files with

According to http://www.securityfocus.com/archive/1/485488/30/0/threaded , there
are two more unfixed security issues in vlc:

A] buffer-overflow in the handling of the subtitles
B] format string in the web interface

AFAIK there are no CVE ids for these issues yet.

More information about the pkg-multimedia-maintainers mailing list