VideoLAN VLC null pointer dereference vulnerability

VideoLAN VLC is an open source cross-platform multimedia player and framework that can play most multimedia files, as well as DVDs, audio CDs, VCDs, and various streaming protocols. a null pointer dereference vulnerability exists in "Open" in avi.c in VideoLAN VLC version 3.0.11, which can be...

CVE-2021-25804

A NULL-pointer dereference in "Open" in avi.c of VideoLAN VLC Media Player 3.0.11 can a denial of service DOS in the application...

CVE-2021-25804

A NULL-pointer dereference in "Open" in avi.c of VideoLAN VLC Media Player 3.0.11 can a denial of service DOS in the application...

CVE-2021-25804

CVE-2021-25804 is a NULL-pointer dereference in Open of avi.c in VideoLAN VLC Media Player 3.0.11, leading to a DoS. Public fixes exist: Debian DLA-2728-1 applies VLC 3.0.11-0+deb9u2; Ubuntu USN-6180-1 references the same CVEs; OpenVAS and CNVD/NVD entries corroborate the advisory. The Debian/Ubu...

CVE-2021-25804

A NULL-pointer dereference in "Open" in avi.c of VideoLAN VLC Media Player 3.0.11 can a denial of service DOS in the application...

CVE-2021-25804

A NULL-pointer dereference in "Open" in avi.c of VideoLAN VLC Media Player 3.0.11 can a denial of service DOS in the application...

vlc -- Buffer overflow vulnerability

zhangyang reports: The ReadFrame function in the avi.c file uses a variable iwidthbytes, which is obtained directly from the file. It is a signed integer. It does not do a strict check before the memory operationmemmove, memcpy, which may cause a buffer overflow...