Commit 433cd91f authored by Hugo Beauzée-Luyssen's avatar Hugo Beauzée-Luyssen

SA1901: Fix 2nd vulnerability type

And credit the researcher
parent 3d244a69
......@@ -11,7 +11,7 @@
<h1>Security Advisory 1901</h1>
<pre>
Summary : Read buffer overflow &amp; use-after-free
Summary : Read buffer overflow &amp; double free
Date : June 2019
Affected versions : VLC media player 3.0.6 and earlier
ID : VideoLAN-SA-1901
......@@ -21,7 +21,7 @@ CVE reference : CVE-2019-5439, CVE-2019-12874
<h2>Details</h2>
<p>A remote user can create some specially crafted avi or mkv files that, when loaded by the target user, will trigger a
heap buffer overflow (read) in ReadFrame (demux/avi/avi.c), or a
heap use after free in zlib_decompress_extra() (demux/mkv/utils.cpp) respectively</p>
double free in zlib_decompress_extra() (demux/mkv/utils.cpp) respectively</p>
<h2>Impact</h2>
<p>If successful, a malicious third party could trigger either a crash of VLC or an arbitratry code execution with the privileges of the target user.</p>
......@@ -39,6 +39,10 @@ until the patch is applied.
<h2>Solution</h2>
<p>VLC media player <b>3.0.7</b> addresses the issue.
</p>
<h2>Credits</h2>
<p>The MKV double free vulnerability was reported by Symeon Paraschoudis from Pen Test Partners</p>
<h2>References</h2>
<dl>
<dt>The VideoLAN project</dt>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment