15 matches found
PT-2026-38834
GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in extract cc from data function within qtdemux.c. In the FOURCC c708 case, the subtraction atom length - 8 may result in an underflow if atom length is less than 8. When that...
EUVD-2017-8827
Malware in sbrugna...
SUSE CVE-2017-17670
In VideoLAN VLC media player through 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation...
SUSE CVE-2019-14437
The xiphSplitHeaders function in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 does not check array bounds properly. As a result, a heap-based buffer over-read can be triggered via a crafted .ogg file...
VLC < 2.2.9 Type Conversion Vulnerability
The version of VLC media player installed on the remote host is earlier than 2.2.9. It is, therefore, affected by a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and ...
DEBIAN-CVE-2019-14437
The xiphSplitHeaders function in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 does not check array bounds properly. As a result, a heap-based buffer over-read can be triggered via a crafted .ogg file...
VideoLAN VLC media player resource management error vulnerability (CNVD-2019-31070)
VideoLAN VLC media player is a free, open source cross-platform multimedia player also a multimedia framework organized by VideoLAN France. The product supports the playback of a variety of media files, CD-ROMs, etc., a variety of audio and video formats WMV, MP3, etc. and so on. A resource...
VideoLAN VLC media player digital error vulnerability
VideoLAN VLC media player is a free, open source cross-platform multimedia player also a multimedia framework organized by VideoLAN France. The product supports the playback of a variety of media files, CD-ROMs, etc., a variety of audio and video formats WMV, MP3, etc. and so on. A numeric error...
VLC Media Player 'MP4 Demux Module' DoS Vulnerability - Mac OS X
VLC media player is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
VLC Media Player 'MP4 Demux Module' DoS Vulnerability - Windows
VLC media player is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
VLC 2.2.8 MP4 Demux Type Conversion Vulnerability
Exploit for linux platform in category dos / poc About ===== A type conversion vulnerability exist in the MP4 demux module in VLC =2.2.8. This issue has been assigned CVE-2017-17670 and it could be used to cause an arbitrary free. Details ======= MP4 is a container format for video, audio,...
CVE-2017-17670
In VideoLAN VLC media player through 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation...
DEBIAN-CVE-2017-17670
In VideoLAN VLC media player through 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation...
CVE-2017-17670
CVE-2017-17670 affects VideoLAN VLC media player up to version 2.2.8, where the MP4 demuxer (modules/demux/mp4/libmp4.c) contains a type-conversion bug that may change a box’s type between a read and a free operation, causing an invalid free. Multiple connected sources confirm VLC 2.x are vulnera...
vlcfileparse-overflow.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - Orange Bat advisory - Name : VLC 0.8.6i Class : Heap overflow Published : 2008-08-16 Credit : g g orange-bat com - - Details - \modules\demux\tta.c define TTAFRAMETIME 1.04489795918367346939 . . . int iseektablesize = 0, i; . . . / Read the metada...