vlc: Multiple vulnerabilities (CVE-2019-19721, CVE-2020-6071, CVE-2020-6072, CVE-2020-6073, CVE-2020-6077, CVE-2020-6078, CVE-2020-6079)
A remote user could:
- Create a specifically crafted image file that could trigger an out of bounds read
- Send a specifically crafter request to the microdns service discovery, potentially triggering various memory management issues
Fixed In Version:
vlc 3.0.9
Reference:
https://www.videolan.org/security/sb-vlc309.html
Affected branches:
-
master (c5bdcc1f) -
3.11-stable