15 matches found
USN-4805-1: VLC vulnerabilities
It was discovered that VLC mishandled certain crafted media files. An attacker could use this vulnerability to cause a denial of service crash or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM. CVE-2017-10699 It was discovered that VLC mishandled certain crafted MKV...
VLC Media Player 2.2.8 Vulnerable to Arbitrary Code Execution (CVE-2018-11529)
VideoLAN VLC media player is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions...
Updated vlc packages fix security vulnerability
This update provides vlc 3.0.4 and fixes at least the following security issue: A use-after-free was discovered in the MP4 demuxer of the VLC media player, which could result in the execution of arbitrary code if a malformed media file is played CVE-2018-11529 For other fixes in this update, see...
VLC Media Player 2.2.8 MKV Use-After-Free
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VLC Media Player MKV Use After Free', 'Description' = %q This module exploits a use after free vulnerability in VideoLAN VLC = MSFLICENSE, 'Autho...
CVE-2018-11529
creationtimestamp| type| source ---|---|--- 2018-10-10 18:56:15+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/vlcmkv.rb 2018-10-11 10:06:21+00:00| published-proof-of-concept| https://t.me/VulnerabilityNews/2252 2018-10-16 00:00:00+00:0...
VLC Media Player <= 2.2.8 Use-After-Free RCE
The version of VLC media player installed on the remote host is equal or prior to 2.2.8. It is, therefore, affected by a use-after-free vulnerability. An attacker could leverage this vulnerability to cause a denial of service or potentially execute arbitrary code. C Tenable Network Security, Inc...
FreeBSD : vlc -- Use after free vulnerability (dc57ad48-ecbb-439b-a4d0-5869be47684e)
Mitre reports : VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions. C Tenable Network Security, Inc. The descriptive...
Debian DSA-4251-1 : vlc - security update
A use-after-free was discovered in the MP4 demuxer of the VLC media player, which could result in the execution of arbitrary code if a malformed media file is played. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Adviso...
CVE-2018-11529
VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions...
CVE-2018-11529
VLC media player 2.2.x is affected by a use-after-free vulnerability in the MP4 demuxer that can be triggered by crafted MKV files, enabling arbitrary code execution. In the documented exploitchain, VLC 2.2.8 (and earlier 2.2.x) is at risk, with failures potentially causing denial of service. The...
VLC media player 2.2.8 Arbitrary Code Execution PoC(CVE-2018-11529)
Exploit Title: VLC media player 2.2.8 Arbitrary Code Execution PoC Date: 6-6-2018 Exploit Author: Eugene Ng Vendor Homepage: https://www.videolan.org/vlc/index.html Software Link: http://download.videolan.org/pub/videolan/vlc/2.2.8/win64/vlc-2.2.8-win64.exe Version: 2.2.8 Tested on: Windows 10 x6...
VLC Media Player 2.2.8 Arbitrary Code Execution
Message Classification: Restricted Exploit Title: VLC media player 2.2.8 Arbitrary Code Execution PoC Date: 6-6-2018 Exploit Author: Eugene Ng Vendor Homepage: https://www.videolan.org/vlc/index.html Software Link: http://download.videolan.org/pub/videolan/vlc/2.2.8/win64/vlc-2.2.8-win64.exe...
VLC media player 2.2.8 - Arbitrary Code Execution (PoC)
VLC media player 2.2.8 - Arbitrary Code Execution PoC Exploit Title: VLC media player 2.2.8 - Arbitrary Code Execution PoC Date: 2018-06-06 Exploit Author: Eugene Ng Vendor Homepage: https://www.videolan.org/vlc/index.html Software Link:...
VLC media player 2.2.8 - Arbitrary Code Execution (PoC)
Exploit Title: VLC media player 2.2.8 - Arbitrary Code Execution PoC Date: 2018-06-06 Exploit Author: Eugene Ng Vendor Homepage: https://www.videolan.org/vlc/index.html Software Link: http://download.videolan.org/pub/videolan/vlc/2.2.8/win64/vlc-2.2.8-win64.exe Version: 2.2.8 Tested on: Windows 1...
segaclassics.com XSS vulnerability
Open Bug Bounty ID: OBB-245031 Description| Value ---|--- Affected Website:| segaclassics.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...