发布日期：2019-06-12
更新日期：2019-06-18

受影响系统：

VideoLAN VLC Media Player 3.0.4
VideoLAN VLC Media Player 3.0.4
VideoLAN VLC Media Player 3.0.4
VideoLAN VLC Media Player 3.0.4
VideoLAN VLC Media Player 3.0.1
VideoLAN VLC Media Player 3.0.1
VideoLAN VLC Media Player 3.0.1
VideoLAN VLC Media Player 3.0.1
VideoLAN VLC Media Player 2.2.8
VideoLAN VLC Media Player 2.2.8
VideoLAN VLC Media Player 2.2.8
VideoLAN VLC Media Player 2.2.5
VideoLAN VLC Media Player 2.2.4
VideoLAN VLC Media Player 2.2.3
VideoLAN VLC Media Player 2.2.2
VideoLAN VLC Media Player 2.2.2
VideoLAN VLC Media Player 2.2.2
VideoLAN VLC Media Player 2.2
VideoLAN VLC Media Player 2.2
VideoLAN VLC Media Player 2.2
VideoLAN VLC Media Player 2.1.6
VideoLAN VLC Media Player 2.1.5.0
VideoLAN VLC Media Player 2.1.5
VideoLAN VLC Media Player 2.1.5
VideoLAN VLC Media Player 2.1.5
VideoLAN VLC Media Player 2.1.3
VideoLAN VLC Media Player 2.1.2
VideoLAN VLC Media Player 2.1.1
VideoLAN VLC Media Player 2.1
VideoLAN VLC Media Player 2.1
VideoLAN VLC Media Player 2.1
VideoLAN VLC Media Player 2.0.9
VideoLAN VLC Media Player 2.0.9
VideoLAN VLC Media Player 2.0.9
VideoLAN VLC Media Player 2.0.8
VideoLAN VLC Media Player 2.0.8
VideoLAN VLC Media Player 2.0.8
VideoLAN VLC Media Player 2.0.7
VideoLAN VLC Media Player 2.0.7
VideoLAN VLC Media Player 2.0.7
VideoLAN VLC Media Player 2.0.6
VideoLAN VLC Media Player 2.0.6
VideoLAN VLC Media Player 2.0.6
VideoLAN VLC Media Player 2.0.5
VideoLAN VLC Media Player 2.0.5
VideoLAN VLC Media Player 2.0.5
VideoLAN VLC Media Player 2.0.4
VideoLAN VLC Media Player 2.0.4
VideoLAN VLC Media Player 2.0.4
VideoLAN VLC Media Player 2.0.3
VideoLAN VLC Media Player 2.0.2
VideoLAN VLC Media Player 2.0.2
VideoLAN VLC Media Player 2.0.2
VideoLAN VLC Media Player 2.0.1
VideoLAN VLC Media Player 2.0.1
VideoLAN VLC Media Player 2.0.1
VideoLAN VLC Media Player 2.0
VideoLAN VLC Media Player 2.0
VideoLAN VLC Media Player 2.0
VideoLAN VLC Media Player 1.2
VideoLAN VLC Media Player 1.2
VideoLAN VLC Media Player 1.2
VideoLAN VLC Media Player 1.1.9
VideoLAN VLC Media Player 1.1.9
VideoLAN VLC Media Player 1.1.9
VideoLAN VLC Media Player 1.1.8
VideoLAN VLC Media Player 1.1.8
VideoLAN VLC Media Player 1.1.8
VideoLAN VLC Media Player 1.1.7
VideoLAN VLC Media Player 1.1.7
VideoLAN VLC Media Player 1.1.7
VideoLAN VLC Media Player 1.1.6 1
VideoLAN VLC Media Player 1.1.6 1
VideoLAN VLC Media Player 1.1.6 1
VideoLAN VLC Media Player 1.1.6
VideoLAN VLC Media Player 1.1.5
VideoLAN VLC Media Player 1.1.4.1
VideoLAN VLC Media Player 1.1.4
VideoLAN VLC Media Player 1.1.4
VideoLAN VLC Media Player 1.1.3
VideoLAN VLC Media Player 1.1.3
VideoLAN VLC Media Player 1.1.2
VideoLAN VLC Media Player 1.1.2
VideoLAN VLC Media Player 1.1.13
VideoLAN VLC Media Player 1.1.13
VideoLAN VLC Media Player 1.1.13
VideoLAN VLC Media Player 1.1.12
VideoLAN VLC Media Player 1.1.12
VideoLAN VLC Media Player 1.1.11
VideoLAN VLC Media Player 1.1.10.1
VideoLAN VLC Media Player 1.1.10
VideoLAN VLC Media Player 1.1.1
VideoLAN VLC Media Player 1.1.1
VideoLAN VLC Media Player 1.1
VideoLAN VLC Media Player 1.1
VideoLAN VLC Media Player 1.0.6
VideoLAN VLC Media Player 1.0.5
VideoLAN VLC Media Player 1.0.4
VideoLAN VLC Media Player 1.0.3
VideoLAN VLC Media Player 1.0.2
VideoLAN VLC Media Player 1.0.1
VideoLAN VLC Media Player 1.0

描述：

---

BUGTRAQ  ID: 108769
CVE(CAN) ID: CVE-2019-5439

VLC多媒体播放器，最初名为VideoLAN Client，是VideoLAN计划的开放源代码多媒体播放器。支持众多音频与视频解码器及文件格式，并支持DVD影音光盘、VCD影音光盘及各类流协议。它也能作为单播或多播的流服务器在IPv4或IPv6的高速网络连线下使用。

VLC Media Player <3.0.7中的缓冲区溢出导致崩溃，可能会进一步发展为远程代码执行漏洞。

攻击者可以利用此问题在应用程序的上下文中执行任意代码。失败的攻击将导致拒绝服务的情况。

<*来源：zhangyang (retoor)
  *>

建议：

---

厂商补丁：

VideoLAN
--------
目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：

http://www.videolan.org/

浏览次数：1281
严重程度：0（网友投票）