FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

vlc -- remote code execution via crafted subtitles

Affected packages
vlc < 2.2.6,4
vlc-qt4 < 2.2.6,4

Details

VuXML ID ec6aeb8e-41e4-11e7-aa00-5404a68ad561
Discovery 2017-05-23
Entry 2017-05-26

Check Point research team reports:

Remote code execution via crafted subtitles

References

URL http://blog.checkpoint.com/2017/05/23/hacked-in-translation/