CVE-2014-9628: VideoLAN VLC Media Player MP4 Demuxer buffer overflow

ID CVE-2014-9628
Type cve
Reporter NVD
Modified 2015-01-20T00:00:00


VideoLAN VLC Media Player is vulnerable to a heap-based buffer overflow, caused by a zero-byte allocation in the MP4 Demuxer. By persuading a victim to open a specially-crafted file containing an overly long string argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.