VLC Media Player远程整数溢出漏洞(CVE-2013-3245)

BUGTRAQ ID: 61032 CVECAN ID: CVE-2013-3245 VLC Media Player是多媒体播放器。 VLC Media Player 2.0.7及其他版本在解析MKV文件时，libmkvplugin.dll模块存在整数溢出错误，远程攻击者通过特制标头的MKV文件，利用此漏洞可造成堆缓冲区溢出。 0 VLC Media Player 2.x 厂商补丁： VideoLAN -------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.videolan.org/...

DEBIAN-CVE-2013-1954

The ASF Demuxer modules/demux/asf/asf.c in VideoLAN VLC media player 2.0.5 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted ASF movie that triggers an out-of-bounds read...

DEBIAN-CVE-2013-3245

plugins/demux/libmkvplugin.dll in VideoLAN VLC Media Player 2.0.7, and possibly other versions, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted MKV file, possibly involving an integer overflow and out-of-bounds read or heap-based buffer...

CVE-2012-5855

The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and earlier might allow user-assisted attackers to cause a denial of service crash via a crafted file name that triggers an incorrect string-length calculation when the file is added to VLC. NOTE: it is not clear whether this issue...

Buffer overflow

Multiple buffer overflows in VideoLAN VLC media player 2.0.4 and earlier allow remote attackers to cause a denial of service crash and execute arbitrary code via vectors related to the 1 freetype renderer and 2 HTML subtitle parser...

Integer overflow

plugins/demux/libmkvplugin.dll in VideoLAN VLC Media Player 2.0.7, and possibly other versions, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted MKV file, possibly involving an integer overflow and out-of-bounds read or heap-based buffer...

Out-of-bounds

The ASF Demuxer modules/demux/asf/asf.c in VideoLAN VLC media player 2.0.5 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted ASF movie that triggers an out-of-bounds read...

UBUNTU-CVE-2012-5855

The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and earlier might allow user-assisted attackers to cause a denial of service crash via a crafted file name that triggers an incorrect string-length calculation when the file is added to VLC. NOTE: it is not clear whether this issue...

CVE-2013-1954

VLC Media Player (affected: 2.0.5 and earlier) contains a vulnerability in the ASF demuxer (modules/demux/asf/asf.c) where a crafted ASF file can trigger an out-of-bounds read, leading to denial of service and potentially arbitrary code execution. The root cause is an out-of-bounds read in the AS...

CVE-2013-1868

Multiple buffer overflows in VideoLAN VLC media player 2.0.4 and earlier allow remote attackers to cause a denial of service crash and execute arbitrary code via vectors related to the 1 freetype renderer and 2 HTML subtitle parser...

CVE-2012-5855

CVE-2012-5855 affects VideoLAN VLC media player

CVE-2013-1868

CVE-2013-1868 affects VLC media player up to version 2.0.4 and earlier. The vulnerabilities are multiple buffer overflows in the freetype renderer and the HTML subtitle parser, enabling remote crashes and potential arbitrary code execution. Debian and OpenVAS advisories summarize the issue and ma...

CVE-2013-3245

CVE-2013-3245 affects VideoLAN VLC Media Player (e.g., 2.0.7) through the demuxer component plugins/demux/libmkv_plugin.dll. The issue is described as a denial of service with potential for arbitrary code execution via a crafted MKV file, possibly involving an integer overflow and out-of-bounds r...

PT-2013-4251 · Videolan · Vlc Media Player

Name of the Vulnerable Software and Affected Versions: VideoLAN VLC Media Player version 2.0.7 Description: The issue allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted MKV file. This could involve an integer overflow, out-of-bounds read, ...

VideoLAN VLC Media Player 2.0.7 - .png Crash (PoC)

VideoLAN VLC Media Player 2.0.7 - .png Crash PoC !/usr/bin/python VLC Media Player 2.0.7 PNG Crash PoC Vendor Homepage: http://www.videolan.org/ Version: 2.0.7 Tested on: Windows 7 64-bit Author: Kevin Fujimoto Debug Information: Microsoft R Windows Debugger Version 6.12.0002.633 X86 Copyright c...

VideoLAN VLC Media Player 2.0.7 - '.png' Crash (PoC)

!/usr/bin/python VLC Media Player 2.0.7 PNG Crash PoC Vendor Homepage: http://www.videolan.org/ Version: 2.0.7 Tested on: Windows 7 64-bit Author: Kevin Fujimoto Debug Information: Microsoft R Windows Debugger Version 6.12.0002.633 X86 Copyright c Microsoft Corporation. All rights reserved. wait...

VideoLAN VLC Media Player SWF Code Execution

A code execution vulnerability has been reported in VLC Media Player. The vulnerability is due to memory corruption vulnerability when handling certain SWF files. A remote attacker can exploit this vulnerability by enticing a user to open a specially crafted SWF file with a vulnerable version of...

Buffer Overflow vulnerability in VLC media player

VideoLAN recently published a security advisory warning of a buffer overflow vulnerability in versions 2.0.5 and earlier of VLC Media Player, which might be exploited to execute arbitrary code. This vulnerability was reported by Debasish Mandal. The vulnerability is caused due to an error in the...

Buffer Overflow vulnerability in VLC media player

VideoLAN recently published a security advisory warning of a buffer overflow vulnerability in versions 2.0.5 and earlier of VLC Media Player, which might be exploited to execute arbitrary code. This vulnerability was reported by Debasish Mandal. The vulnerability is caused due to an error in the...

Buffer Overflow Vulnerability Found in VLC Media Player

A buffer overflow could occur in VideoLAN’s VLC cross-platform multimedia player when attempting to parse a specially crafted advanced systems format ASF movie, a researcher reported. The vulnerability, found by security researcher Debasish Mandal, exists in the ASF demuxer of VLC media player...