| Errata ID | 634 |
|---|---|
| Date | 2020-06-24 |
| Source package | vlc |
| Fixed in version | 3.0.11-0+deb9u1 |
| Description | This update addresses the following issue: * A heap-based buffer overflow in the hxxx_AnnexB_to_xVC function in modules/packetizer/hxxx_nal.c in VideoLAN VLC media player before 3.0.11 for macOS/iOS allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted H.264 Annex-B video (.avi for example) file. (CVE-2020-13428) |
| Additional notes | |
| CVE ID | CVE-2020-13428 |
| UCS Bug number | #51544 |
