SB2019081510 - OpenSUSE Linux update for vlc

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2019081510

SB2019081510 - OpenSUSE Linux update for vlc

Published: August 15, 2019

Security Bulletin ID SB2019081510
Severity
High
Patch available
YES
Number of vulnerabilities 7
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 29% Low 71%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 7 secuirty vulnerabilities.


1) Improper input validation (CVE-ID: CVE-2018-19857)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to improper handling of magic cookies in Core Audio Format (CAF) files, which could result in an uninitialized memory read in the CAF demuxer. A remote attacker can trick the victim into accessing a CAF file that submits malicious input, trigger typecast that converts a possibly negative return value to an unsigned integer in the ReadKukiChunk() function and cause the service to crash.


2) Double Free (CVE-ID: CVE-2019-12874)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing MKV files in zlib_decompress_extra() function in modules/demux/mkv/util.cpp. A remote attacker can create a specially crafted MKV file, trick the victim into opening it, trigger double free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


3) Integer underflow (CVE-ID: CVE-2019-13602)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attacks on the target system.

The vulnerability exists due to a boundary error in the "MP4_EIA608_Convert()" function in the "modules/demux/mp4/mp4.c" file. A remote attacker can trick the victim to open a specially crafted .mp4 file, trigger integer underflow and crash the affected application.



4) Out-of-bounds read (CVE-ID: CVE-2019-13962)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to heap-based buffer over-read because the application does not properly validate the width and height properties in lavc_CopyPicture function in modules/codec/avcodec/video.c. A remote attacker can perform a denial of service attack.


5) Buffer overflow (CVE-ID: CVE-2019-5439)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing media files in libavi_plugin. A remote attacker can create a specially crafted Office document, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


6) Integer underflow (CVE-ID: CVE-2019-5459)

The vulnerability allows a remote attacker to perform denial of service (DoS) attack.

The vulnerability exists due to integer underflow when processing FAAD2 media files. A remote attacker can create a specially crafted media file, trick the victim to open it, trigger integer underflow and crash the affected application.


7) Double Free (CVE-ID: CVE-2019-5460)

The vulnerability allows a remote attacker to perform denial of service (DoS) attack.

The vulnerability exists due to a boundary error when processing media files in the modules/codec/faad.c file. A remote attacker can trick the victim to open a specially crafted media file, trigger double free error and crash the application.

Remediation

Install update from vendor's website.

References