Bug#671727: CVE-2012-2396: divide-by-zero on crafted mp4 file
Helmut Grohne
helmut at subdivi.de
Sun May 6 12:02:16 UTC 2012
Package: src:vlc
Version: 2.0.1-4
Severity: important
Tags: security
Dear VLC maintainers,
Please check which versions of vlc (if any) are affected by
CVE-2012-2396[1].
The description is:
| VideoLAN VLC media player 2.0.1 allows remote attackers to cause a
| denial of service (divide-by-zero error and application crash) via a
| crafted MP4 file.
Helmut
[1] http://security-tracker.debian.org/tracker/CVE-2012-2396
You will find links to other bug trackers here. RedHat seems to have
this issue covered already.
More information about the pkg-multimedia-maintainers
mailing list