Jump to content

Recommended Posts

  • Root Admin

According to Research, VLC says it's not reproducible, so we have no way to know at this time.

Quote

[Update 10:30 AM] The VLC CVE on the National Vulnerability Database has now been updated, downgrading the severity of the issue from a Base Score of 9.8 (critical) to 5.5 (medium), with the change log also specifying that the “Victim must voluntarily interact with attack mechanism.”

Additionally, VideoLAN’s public bug tracker now lists the bug report as “fixed” and has closed the thread.

 

Edited by AdvancedSetup
Updated information
Link to post
Share on other sites

  • 4 weeks later...
On 7/23/2019 at 8:31 PM, AdvancedSetup said:

Refers to;  CVE-2019-13615

VideoLAN VLC was just updated to v3.0.8 but CVE-2019-13615 does not seem to have been addressed.

https://www.videolan.org/developers/vlc-branch/NEWS

Quote

Security:
 * Fix a buffer overflow in the MKV demuxer (CVE-2019-14970)
 * Fix a read buffer overflow in the avcodec decoder (CVE-2019-13962)
 * Fix a read buffer overflow in the FAAD decoder
 * Fix a read buffer overflow in the OGG demuxer (CVE-2019-14437, CVE-2019-14438)
 * Fix a read buffer overflow in the ASF demuxer (CVE-2019-14776)
 * Fix a use after free in the MKV demuxer (CVE-2019-14777, CVE-2019-14778)
 * Fix a use after free in the ASF demuxer (CVE-2019-14533)
 * Fix a couple of integer underflows in the MP4 demuxer (CVE-2019-13602)
 * Fix a null dereference in the dvdnav demuxer
 * Fix a null dereference in the ASF demuxer (CVE-2019-14534)
 * Fix a null dereference in the AVI demuxer
 * Fix a division by zero in the CAF demuxer (CVE-2019-14498)
 * Fix a division by zero in the ASF demuxer (CVE-2019-14535)

 

However according to this, the issue has been fixed.

https://trac.videolan.org/vlc/ticket/22474

 

Edited by David H. Lipman
Link to post
Share on other sites

  • Root Admin

Thanks for the update David.

I used to use VLC quite often for years but I don't troll much in the underground like I used to so I don't run across as many various CODEC video requirements as there used to be. VLC is still an overall great little program though.

 

 

Link to post
Share on other sites

There are additional controls you can add to the interface if you go to Tools>Customize Interface..., just select what you want to add from the list, including play speed buttons (speed up/slow down), frame by frame, step forward and step back (probably the closest to what you seek with regards to functionality if the play speed function doesn't do it for you).

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.