VulnerableCode Package Details - pkg:alpm/archlinux/vlc@2.2.4-9

Search for packages

Vulnerability	Summary	Fixed by
VCID-ajtu-rm8v-aaam Aliases: CVE-2017-8311	Potential heap based buffer overflow in ParseJSS in VideoLAN VLC before 2.2.5 due to skipping NULL terminator in an input string allows attackers to execute arbitrary code via a crafted subtitles file.	2.2.6-1 Affected by 0 other vulnerabilities.
VCID-ge3g-m8dt-aaag Aliases: CVE-2017-8310	Heap out-of-bound read in CreateHtmlSubtitle in VideoLAN VLC 2.2.x due to missing check of string termination allows attackers to read data beyond allocated memory and potentially crash the process (causing a denial of service) via a crafted subtitles file.	2.2.6-1 Affected by 0 other vulnerabilities.
VCID-nkp7-xrsb-aaaj Aliases: CVE-2017-8312	Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing check of string length allows attackers to read heap uninitialized data via a crafted subtitles file.	2.2.6-1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-ajtu-rm8v-aaam
Aliases:
CVE-2017-8311

Potential heap based buffer overflow in ParseJSS in VideoLAN VLC before 2.2.5 due to skipping NULL terminator in an input string allows attackers to execute arbitrary code via a crafted subtitles file.

2.2.6-1
Affected by 0 other vulnerabilities.

VCID-ge3g-m8dt-aaag
Aliases:
CVE-2017-8310

Heap out-of-bound read in CreateHtmlSubtitle in VideoLAN VLC 2.2.x due to missing check of string termination allows attackers to read data beyond allocated memory and potentially crash the process (causing a denial of service) via a crafted subtitles file.

2.2.6-1
Affected by 0 other vulnerabilities.

VCID-nkp7-xrsb-aaaj
Aliases:
CVE-2017-8312

Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing check of string length allows attackers to read heap uninitialized data via a crafted subtitles file.

2.2.6-1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T07:46:12.619822+00:00	Arch Linux Importer	Affected by	VCID-ge3g-m8dt-aaag	https://security.archlinux.org/AVG-283	36.0.0
2025-03-28T07:46:12.599437+00:00	Arch Linux Importer	Affected by	VCID-ajtu-rm8v-aaam	https://security.archlinux.org/AVG-283	36.0.0
2025-03-28T07:46:12.579113+00:00	Arch Linux Importer	Affected by	VCID-nkp7-xrsb-aaaj	https://security.archlinux.org/AVG-283	36.0.0
2024-09-18T02:01:22.779766+00:00	Arch Linux Importer	Affected by	VCID-ge3g-m8dt-aaag	https://security.archlinux.org/AVG-283	34.0.1
2024-09-18T02:01:22.746283+00:00	Arch Linux Importer	Affected by	VCID-ajtu-rm8v-aaam	https://security.archlinux.org/AVG-283	34.0.1
2024-09-18T02:01:22.712511+00:00	Arch Linux Importer	Affected by	VCID-nkp7-xrsb-aaaj	https://security.archlinux.org/AVG-283	34.0.1
2024-01-24T11:41:55.592197+00:00	Arch Linux Importer	Affected by	VCID-ge3g-m8dt-aaag	https://security.archlinux.org/AVG-283	34.0.0rc2
2024-01-24T11:41:55.570188+00:00	Arch Linux Importer	Affected by	VCID-ajtu-rm8v-aaam	https://security.archlinux.org/AVG-283	34.0.0rc2
2024-01-24T11:41:55.548262+00:00	Arch Linux Importer	Affected by	VCID-nkp7-xrsb-aaaj	https://security.archlinux.org/AVG-283	34.0.0rc2
2024-01-03T22:27:33.106777+00:00	Arch Linux Importer	Affected by	VCID-ge3g-m8dt-aaag	https://security.archlinux.org/AVG-283	34.0.0rc1
2024-01-03T22:27:33.080721+00:00	Arch Linux Importer	Affected by	VCID-ajtu-rm8v-aaam	https://security.archlinux.org/AVG-283	34.0.0rc1
2024-01-03T22:27:33.057066+00:00	Arch Linux Importer	Affected by	VCID-nkp7-xrsb-aaaj	https://security.archlinux.org/AVG-283	34.0.0rc1