CVE 2012-5470

libpng_plugin in VideoLAN VLC media player 2.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted PNG file.

Related bugs and status

CVE-2012-5470 (Candidate) is related to these bugs:

Bug #947156: vlc crashed with SIGSEGV in QProgressBar::maximum()

		In	Importance	Status
947156	vlc crashed with SIGSEGV in QProgressBar::maximum()	vlc (Ubuntu)	Medium	Fix Released
947156	vlc crashed with SIGSEGV in QProgressBar::maximum()	VLC media player	Undecided	Fix Released
947156	vlc crashed with SIGSEGV in QProgressBar::maximum()	vlc (Ubuntu Precise)	Undecided	Fix Released

Bug #958462: vlc crashed with SIGSEGV in Close()

		In	Importance	Status
958462	vlc crashed with SIGSEGV in Close()	vlc (Ubuntu)	Medium	Fix Released
958462	vlc crashed with SIGSEGV in Close()	VLC media player	Unknown	Fix Released
958462	vlc crashed with SIGSEGV in Close()	vlc (Ubuntu Precise)	Undecided	Fix Released

Bug #960020: vlc crashed with SIGSEGV in CopyFromUswc()

		In	Importance	Status
960020	vlc crashed with SIGSEGV in CopyFromUswc()	vlc (Ubuntu)	Medium	Fix Released
960020	vlc crashed with SIGSEGV in CopyFromUswc()	VLC media player	Unknown	Fix Released
960020	vlc crashed with SIGSEGV in CopyFromUswc()	vlc (Ubuntu Precise)	Undecided	Fix Released

Bug #970447: vlc-plugin-notify freezes when asked to play something

		In	Importance	Status
970447	vlc-plugin-notify freezes when asked to play something	vlc (Ubuntu)	High	Fix Released
970447	vlc-plugin-notify freezes when asked to play something	vlc (Debian)	Unknown	Fix Released
970447	vlc-plugin-notify freezes when asked to play something	VLC media player	Unknown	Fix Released
970447	vlc-plugin-notify freezes when asked to play something	vlc (Ubuntu Precise)	Undecided	Fix Released

Bug #979490: vlc crashed with SIGSEGV in __pthread_mutex_lock()

		In	Importance	Status
979490	vlc crashed with SIGSEGV in __pthread_mutex_lock()	vlc (Ubuntu)	Medium	Fix Released
979490	vlc crashed with SIGSEGV in __pthread_mutex_lock()	VLC media player	Unknown	Fix Released
979490	vlc crashed with SIGSEGV in __pthread_mutex_lock()	vlc (Ubuntu Precise)	Undecided	Fix Released

Bug #1051552: Hebrew subtitles are encoded ISO-8859-8

		In	Importance	Status
1051552	Hebrew subtitles are encoded ISO-8859-8	totem (Ubuntu)	Undecided	Invalid
1051552	Hebrew subtitles are encoded ISO-8859-8	vlc (Ubuntu)	Undecided	Fix Released
1051552	Hebrew subtitles are encoded ISO-8859-8	Totem	Medium	Invalid
1051552	Hebrew subtitles are encoded ISO-8859-8	VLC media player	Unknown	Fix Released
1051552	Hebrew subtitles are encoded ISO-8859-8	smplayer (Ubuntu)	Undecided	New
1051552	Hebrew subtitles are encoded ISO-8859-8	SMPlayer	Unknown	Unknown
1051552	Hebrew subtitles are encoded ISO-8859-8	smplayer (Ubuntu Precise)	Undecided	Won't Fix
1051552	Hebrew subtitles are encoded ISO-8859-8	totem (Ubuntu Precise)	Undecided	Won't Fix
1051552	Hebrew subtitles are encoded ISO-8859-8	vlc (Ubuntu Precise)	Undecided	Fix Released

Bug #1084054: Denial of service via crafted PNG file

		In	Importance	Status
1084054	Denial of service via crafted PNG file	vlc (Ubuntu)	Undecided	Fix Released
1084054	Denial of service via crafted PNG file	vlc (Ubuntu Lucid)	Undecided	Won't Fix
1084054	Denial of service via crafted PNG file	vlc (Ubuntu Oneiric)	Undecided	Won't Fix
1084054	Denial of service via crafted PNG file	vlc (Ubuntu Precise)	Undecided	Fix Released
1084054	Denial of service via crafted PNG file	vlc (Ubuntu Raring)	Undecided	Fix Released
1084054	Denial of service via crafted PNG file	vlc (Ubuntu Quantal)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.