Snippets Groups Projects

Two issues affecting VLC

Two (apparently) security vulnerabilities have been found in VLC when parsing M2TS and 3GP files.

I am attaching the two analysis documents and the two samples.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

Child items ...

Activity

nrathaus @nrathaus · 11 years ago

Author
Added attachment:

samples-1.7z
nrathaus @nrathaus · 11 years ago

Author

Second sample is bigger than 500k, how can I provide it?
Jean-Baptiste Kempf assigned to @fenrir 11 years ago

assigned to @fenrir
Jean-Baptiste Kempf added Component::Demuxers label 11 years ago

added Component::Demuxers label
Jean-Baptiste Kempf changed milestone to %2.0.7 11 years ago

changed milestone to %2.0.7
Jean-Baptiste Kempf @jbk · 11 years ago

Owner

Please mail security@
Rafaël Carré @funman · 11 years ago

Developer

The bug is in libav (and not in FFmpeg).
Rafaël Carré added Status::not VLC label 11 years ago

added Status::not VLC label
Rafaël Carré closed 11 years ago

closed
cehoyos @cehoyos · 11 years ago

Please upload the second sample to http://streams.videolan.org/upload/ or http://www.datafilehost.com/

Please register or sign in to reply

Labels

Component::Demuxers Status::not VLC

Milestone

None

Due date

None

Confidentiality

Participants

VideoLAN code repository instance