CVE-2019-5439

Summary

CVE	CVE-2019-5439
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2019-06-13 16:29:00 UTC
Updated	2019-06-17 08:29:00 UTC
Description	A Buffer Overflow in VLC Media Player < 3.0.7 causes a crash which can possibly be further developed into a remote code execution exploit.

Risk And Classification

Problem Types: CWE-119

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Videolan	Vlc Media Player	All	All	All	All
Application	Videolan	Vlc Media Player	All	All	All	All

References

Reference	Source	Link	Tags
HackerOne	MISC	hackerone.com	Third Party Advisory
[security-announce] openSUSE-SU-2019:2015-1: important: Security update	SUSE	lists.opensuse.org
USN-4074-1: VLC vulnerabilities \| Ubuntu security notices	UBUNTU	usn.ubuntu.com
VLC: Multiple vulnerabilities (GLSA 201908-23) — Gentoo security	GENTOO	security.gentoo.org
[security-announce] openSUSE-SU-2019:1840-1: important: Security update	SUSE	lists.opensuse.org
[security-announce] openSUSE-SU-2019:1897-1: important: Security update	SUSE	lists.opensuse.org
VLC Media Player CVE-2019-5439 Buffer Overflow Vulnerability	BID	www.securityfocus.com
[security-announce] openSUSE-SU-2019:1909-1: important: Security update	SUSE	lists.opensuse.org
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

710138 Gentoo Linux VLC Multiple vulnerabilities (GLSA 201908-23)