783 matches found
UBUNTU-CVE-2018-19857
The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3.0.4 may read memory from an uninitialized pointer when processing magic cookies in CAF files, because a ReadKukiChunk cast converts a return value to an unsigned int even if that value is negative. This could result in a denial...
Bing Warns VLC Media Player Site is ‘Suspicious’ in Likely False-Positive Gaff
Microsoft’s Bing search engine warned its users the official VLC media player website was “suspicious” and dissuaded users from visiting the popular destination, suggesting the site contained “malicious software.” The site is no longer listed as unsafe. In a red warning message presented to users...
VLC Media Player 2.2.8 Vulnerable to Arbitrary Code Execution (CVE-2018-11529)
VideoLAN VLC media player is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions...
VLC Media Player 2.2.8 MKV Use-After-Free
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VLC Media Player MKV Use After Free', 'Description' = %q This module exploits a use after free vulnerability in VideoLAN VLC = MSFLICENSE, 'Autho...
CVE-2018-11529
VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions...
Design/Logic Flaw
VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions...
CVE-2018-11529
VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions...
CVE-2018-11529
VLC media player 2.2.x is affected by a use-after-free vulnerability in the MP4 demuxer that can be triggered by crafted MKV files, enabling arbitrary code execution. In the documented exploitchain, VLC 2.2.8 (and earlier 2.2.x) is at risk, with failures potentially causing denial of service. The...
CVE-2018-11529
VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions...
vlc -- Use after free vulnerability
Mitre reports: VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions...
VideoLAN VLC Denial of Service Vulnerability (CNVD-2018-10858)
VideoLAN VLC media player is a free, open source cross-platform multimedia player also a multimedia framework developed by the French organization VideoLAN. The product supports playback of a variety of media files, CD-ROMs, etc., a variety of audio and video formats WMV, MP3, etc. and so on. A...
VLC Media Player Denial-of-Service Vulnerability (May 2018) - Windows
VLC media player is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2018-11516
CVE-2018-11516 affects VideoLAN VLC media player 3.0.1, where the vlc_demux_chained_Delete function in input/demux_chained.c can be triggered by a crafted .swf file to cause a denial of service via heap corruption and application crash. Some sources also describe a potential for remote code execu...
VLC Media Player 'MP4 Demux Module' DoS Vulnerability - Windows
VLC media player is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
VideoLAN VLC media player MP4 demux module denial of service vulnerability
VideoLAN VLC media player is a free and open source cross-platform multimedia player also a multimedia framework developed by the French organization VideoLAN. The product supports playback of multiple media files, CD-ROMs, etc., multiple audio and video formats WMV, MP3, etc., etc. The MP4 demux...
Type confusion
In VideoLAN VLC media player through 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation...
UBUNTU-CVE-2017-17670
In VideoLAN VLC media player through 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation...
DEBIAN-CVE-2017-17670
In VideoLAN VLC media player through 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation...
CVE-2017-17670
In VideoLAN VLC media player through 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation...
CVE-2017-17670
CVE-2017-17670 affects VideoLAN VLC media player up to version 2.2.8, where the MP4 demuxer (modules/demux/mp4/libmp4.c) contains a type-conversion bug that may change a box’s type between a read and a free operation, causing an invalid free. Multiple connected sources confirm VLC 2.x are vulnera...