VLC: Multiple vulnerabilities
Multiple vulnerabilities have been found in VLC, the worst of which
could lead to user-assisted execution of arbitrary code.
VLC
November 05, 2014
November 05, 2014: 1
279340
285370
316709
332361
350933
352206
352776
353326
360189
363359
370321
375167
385953
395543
408881
414409
424435
442758
450438
454650
476436
486902
493710
499806
remote
2.1.2
2.1.2
VLC is a cross-platform media player and streaming server.
Multiple vulnerabilities have been discovered in VLC. Please review the
CVE identifiers referenced below for details.
A remote attacker could entice a user to open a specially crafted media
file using VLC, possibly resulting in execution of arbitrary code with
the privileges of the process or a Denial of Service condition.
There is no known workaround at this time.
All VLC users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-video/vlc-2.1.2"
CVE-2010-1441
CVE-2010-1442
CVE-2010-1443
CVE-2010-1444
CVE-2010-1445
CVE-2010-2062
CVE-2010-2937
CVE-2010-3124
CVE-2010-3275
CVE-2010-3276
CVE-2010-3907
CVE-2011-0021
CVE-2011-0522
CVE-2011-0531
CVE-2011-1087
CVE-2011-1684
CVE-2011-2194
CVE-2011-2587
CVE-2011-2588
CVE-2011-3623
CVE-2012-0023
CVE-2012-1775
CVE-2012-1776
CVE-2012-2396
CVE-2012-3377
CVE-2012-5470
CVE-2012-5855
CVE-2013-1868
CVE-2013-1954
CVE-2013-3245
CVE-2013-4388
CVE-2013-6283
CVE-2013-6934
a3li
underling