CVE-2011-2588

Published: 27 July 2011

Heap-based buffer overflow in the AVI_ChunkRead_strf function in libavi.c in the AVI demuxer in VideoLAN VLC media player before 1.1.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted AVI media file.

Priority

Medium

Status

Package Release Status
vlc
Launchpad, Ubuntu, Debian
Upstream
Released (1.1.11)