DSA-2211-1 vlc -- missing input sanitisingID: oval:org.secpod.oval:def:600227 | Date: (C)2011-04-19 (M)2023-11-09 |
Class: PATCH | Family: unix |
Ricardo Narvaja discovered that missing input sanitising in VLC, a multimedia player and streamer, could lead to the execution of arbitrary code if a user is tricked into opening a malformed media file. This update also provides updated packages for oldstable for vulnerabilities, which have already been addressed in Debian stable , either during the freeze or in DSA-2159
Platform: |
Debian 5.0 |
Debian 6.0 |