CVE-2014-9627: VideoLAN VLC Media Player MP4 Demuxer buffer overflow

2015-01-20T00:00:00
ID CVE-2014-9627
Type cve
Reporter NVD
Modified 2015-01-20T00:00:00

Description

VideoLAN VLC Media Player is vulnerable to a heap-based buffer overflow, caused by an integer truncation in the MP4 Demuxer. By persuading a victim to open a specially-crafted file containing an overly long string argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.