thr3ads.net - Secure testing team - [Secure-testing-team] Bug#671727: CVE-2012-2396: divide-by-zero on crafted mp4 file [May 2012]

If this information is useful, please help other people find it:
Share via:

Twitter
Facebook
Email

Helmut Grohne

2012-May-06 12:02 UTC

[Secure-testing-team] Bug#671727: CVE-2012-2396: divide-by-zero on crafted mp4 file

Package: src:vlc
Version: 2.0.1-4
Severity: important
Tags: security

Dear VLC maintainers,

Please check which versions of vlc (if any) are affected by
CVE-2012-2396[1].

The description is:

| VideoLAN VLC media player 2.0.1 allows remote attackers to cause a
| denial of service (divide-by-zero error and application crash) via a
| crafted MP4 file.

Helmut

[1] http://security-tracker.debian.org/tracker/CVE-2012-2396
    You will find links to other bug trackers here. RedHat seems to have
    this issue covered already.

Secure testing team - May 2012 - Bug#671727: CVE-2012-2396: divide-by-zero on crafted mp4 file

[Secure-testing-team] Bug#671727: CVE-2012-2396: divide-by-zero on crafted mp4 file