CVE-2017-8311

Summary

Potential heap based buffer overflow in ParseJSS in VideoLAN VLC before 2.2.5 due to skipping NULL terminator in an input string allows attackers to execute arbitrary code via a crafted subtitles file.

Affected Software

VendorProductVersion RangeStatus
VideoLANVLC<2.2.5affected

Weaknesses

  • Allows attacker to execute arbitrary code.

ADP Enrichment

CVE Program Container

Additional References

References