CVE-2014-9625: VideoLAN VLC Media Player updater buffer overflow

2015-01-20T00:00:00
ID CVE-2014-9625
Type cve
Reporter NVD
Modified 2015-01-20T00:00:00

Description

VideoLAN VLC Media Player is vulnerable to a heap-based buffer overflow, caused by an integer truncation in the automated updater. By persuading a victim to open a specially-crafted file containing an overly long string argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.