cnvd - cnvd-2017-08122

cnvd-2017-08122

Vulnerability from cnvd

Title: VideoLAN VLC堆缓冲区溢出漏洞

Description:

VideoLAN VLC是法国VideoLAN组织开发的一款免费、开源的跨平台多媒体播放器（也是一个多媒体框架）。该产品支持播放多种介质（文件、光盘等）、多种音视频格式（WMV, MP3等）等。ParseJSS是其中的一个字幕文件解析器。

VideoLAN VLC 2.2.5之前的版本中的ParseJSS存在堆缓冲区溢出漏洞。攻击者可借助特制的字幕文件利用该漏洞执行任意代码。

Severity: 中

Patch Name: VideoLAN VLC堆缓冲区溢出漏洞的补丁

Patch Description:

VideoLAN VLC 2.2.5之前的版本中的ParseJSS存在堆缓冲区溢出漏洞。攻击者可借助特制的字幕文件利用该漏洞执行任意代码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： http://git.videolan.org/?p=vlc.git;a=commitdiff;h=775de716add17322f24b476439f903a829446eb6

Reference: http://git.videolan.org/?p=vlc.git;a=commitdiff;h=775de716add17322f24b476439f903a829446eb6

Impacted products

Name
VideoLAN VLC Media Player <2.2.5

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "98634"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-8311"
    }
  },
  "description": "VideoLAN VLC\u662f\u6cd5\u56fdVideoLAN\u7ec4\u7ec7\u5f00\u53d1\u7684\u4e00\u6b3e\u514d\u8d39\u3001\u5f00\u6e90\u7684\u8de8\u5e73\u53f0\u591a\u5a92\u4f53\u64ad\u653e\u5668\uff08\u4e5f\u662f\u4e00\u4e2a\u591a\u5a92\u4f53\u6846\u67b6\uff09\u3002\u8be5\u4ea7\u54c1\u652f\u6301\u64ad\u653e\u591a\u79cd\u4ecb\u8d28\uff08\u6587\u4ef6\u3001\u5149\u76d8\u7b49\uff09\u3001\u591a\u79cd\u97f3\u89c6\u9891\u683c\u5f0f\uff08WMV, MP3\u7b49\uff09\u7b49\u3002ParseJSS\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u5b57\u5e55\u6587\u4ef6\u89e3\u6790\u5668\u3002\r\n\r\nVideoLAN VLC 2.2.5\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u7684ParseJSS\u5b58\u5728\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684\u5b57\u5e55\u6587\u4ef6\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "discovererName": "Check Point researcher.",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttp://git.videolan.org/?p=vlc.git;a=commitdiff;h=775de716add17322f24b476439f903a829446eb6",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-08122",
  "openTime": "2017-06-04",
  "patchDescription": "VideoLAN VLC\u662f\u6cd5\u56fdVideoLAN\u7ec4\u7ec7\u5f00\u53d1\u7684\u4e00\u6b3e\u514d\u8d39\u3001\u5f00\u6e90\u7684\u8de8\u5e73\u53f0\u591a\u5a92\u4f53\u64ad\u653e\u5668\uff08\u4e5f\u662f\u4e00\u4e2a\u591a\u5a92\u4f53\u6846\u67b6\uff09\u3002\u8be5\u4ea7\u54c1\u652f\u6301\u64ad\u653e\u591a\u79cd\u4ecb\u8d28\uff08\u6587\u4ef6\u3001\u5149\u76d8\u7b49\uff09\u3001\u591a\u79cd\u97f3\u89c6\u9891\u683c\u5f0f\uff08WMV, MP3\u7b49\uff09\u7b49\u3002ParseJSS\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u5b57\u5e55\u6587\u4ef6\u89e3\u6790\u5668\u3002\r\n\r\nVideoLAN VLC 2.2.5\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u7684ParseJSS\u5b58\u5728\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684\u5b57\u5e55\u6587\u4ef6\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "VideoLAN VLC\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "VideoLAN VLC Media Player \u003c2.2.5"
  },
  "referenceLink": "http://git.videolan.org/?p=vlc.git;a=commitdiff;h=775de716add17322f24b476439f903a829446eb6",
  "serverity": "\u4e2d",
  "submitTime": "2017-05-25",
  "title": "VideoLAN VLC\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}

CVE-2017-8311 (GCVE-0-2017-8311)

Vulnerability from cvelistv5

Published

2017-05-23 21:00

Modified

2024-08-05 16:34

Severity ?

CWE

Allows attacker to execute arbitrary code.

Summary

Potential heap based buffer overflow in ParseJSS in VideoLAN VLC before 2.2.5 due to skipping NULL terminator in an input string allows attackers to execute arbitrary code via a crafted subtitles file.

References

▼	URL	Tags
	https://security.gentoo.org/glsa/201707-10	vendor-advisory, x_refsource_GENTOO
	https://www.exploit-db.com/exploits/44514/	exploit, x_refsource_EXPLOIT-DB
	http://www.securityfocus.com/bid/98634	vdb-entry, x_refsource_BID
	http://git.videolan.org/?p=vlc.git%3Ba=commitdiff%3Bh=775de716add17322f24b476439f903a829446eb6	x_refsource_CONFIRM
	http://www.debian.org/security/2017/dsa-3899	vendor-advisory, x_refsource_DEBIAN

Impacted products

	Vendor	Product	Version
	VideoLAN	VLC	Version: <2.2.5

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:34:22.584Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201707-10",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201707-10"
          },
          {
            "name": "44514",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/44514/"
          },
          {
            "name": "98634",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98634"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.videolan.org/?p=vlc.git%3Ba=commitdiff%3Bh=775de716add17322f24b476439f903a829446eb6"
          },
          {
            "name": "DSA-3899",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3899"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "VLC",
          "vendor": "VideoLAN",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c2.2.5"
            }
          ]
        }
      ],
      "datePublic": "2017-04-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Potential heap based buffer overflow in ParseJSS in VideoLAN VLC before 2.2.5 due to skipping NULL terminator in an input string allows attackers to execute arbitrary code via a crafted subtitles file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Allows attacker to execute arbitrary code.",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-04-26T09:57:01",
        "orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
        "shortName": "checkpoint"
      },
      "references": [
        {
          "name": "GLSA-201707-10",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201707-10"
        },
        {
          "name": "44514",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/44514/"
        },
        {
          "name": "98634",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98634"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.videolan.org/?p=vlc.git%3Ba=commitdiff%3Bh=775de716add17322f24b476439f903a829446eb6"
        },
        {
          "name": "DSA-3899",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3899"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@checkpoint.com",
          "ID": "CVE-2017-8311",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "VLC",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003c2.2.5"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "VideoLAN"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Potential heap based buffer overflow in ParseJSS in VideoLAN VLC before 2.2.5 due to skipping NULL terminator in an input string allows attackers to execute arbitrary code via a crafted subtitles file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Allows attacker to execute arbitrary code."
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-201707-10",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201707-10"
            },
            {
              "name": "44514",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/44514/"
            },
            {
              "name": "98634",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98634"
            },
            {
              "name": "http://git.videolan.org/?p=vlc.git;a=commitdiff;h=775de716add17322f24b476439f903a829446eb6",
              "refsource": "CONFIRM",
              "url": "http://git.videolan.org/?p=vlc.git;a=commitdiff;h=775de716add17322f24b476439f903a829446eb6"
            },
            {
              "name": "DSA-3899",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3899"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
    "assignerShortName": "checkpoint",
    "cveId": "CVE-2017-8311",
    "datePublished": "2017-05-23T21:00:00",
    "dateReserved": "2017-04-28T00:00:00",
    "dateUpdated": "2024-08-05T16:34:22.584Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted