First published: Tue Jul 30 2019
An integer underflow in VLC Media Player versions < 3.0.7 leads to an out-of-bounds read.
Credit: support@hackerone.com
Affected Software | Affected Version | How to fix |
---|---|---|
Videolan Vlc Media Player | <3.0.7 | |
openSUSE Backports SLE | =15.0-sp1 | |
Opensuse Backports | =sle-15 | |
openSUSE Leap | =15.0 | |
openSUSE Leap | =15.1 | |
CVE-2019-5459 is an integer underflow vulnerability in VLC Media Player versions < 3.0.7 that leads to an out-of-bounds read.
VLC Media Player versions < 3.0.7 are affected by CVE-2019-5459.
CVE-2019-5459 has a severity rating of 7.1 (high).
To fix CVE-2019-5459, upgrade to VLC Media Player version 3.0.7 or later.
You can find more information about CVE-2019-5459 at the following references: [link1](http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00005.html), [link2](http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00037.html), [link3](http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00040.html).