Lucene search
K

109 matches found

Positive Technologies
Positive Technologies
added 2020/03/24 12:0 a.m.4 views

PT-2020-2816 · Videolabs +1 · Libmicrodns +1

Name of the Vulnerable Software and Affected Versions: Videolabs libmicrodns version 0.1.0 Description: An exploitable denial-of-service issue exists in the resource allocation handling of Videolabs libmicrodns. When encountering errors while parsing mDNS messages, some allocated data is not free...

9.8CVSS8.6AI score0.03636EPSS
Exploits8References53
Positive Technologies
Positive Technologies
added 2020/03/24 12:0 a.m.3 views

PT-2020-2144 · Videolabs +2 · Libmicrodns +2

Name of the Vulnerable Software and Affected Versions: Videolabs libmicrodns version 0.1.0 Description: The issue is related to a buffer overflow in the microdns library of the VideoLAN VLC media player, allowing a remote attacker to cause a denial of service or execute arbitrary code using a...

9.8CVSS9.5AI score0.03636EPSS
Exploits8References54
Talos Blog
Talos Blog
added 2020/03/23 8:21 a.m.31 views

Vulnerability Spotlight: Multiple vulnerabilities in Videolabs libmicrodns

Claudio Bozzato of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. A specific library in the Videolabs family of software contains multiple vulnerabilities that could lead to denial of service and code execution. Videolabs is a company founded by VideoLAN members and is the...

3.1AI score
Exploits0
Talos
Talos
added 2020/03/23 12:0 a.m.62 views

Videolabs libmicrodns 0.1.0 TXT record RDATA-parsing denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the TXT record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing the RDATA section in a TXT record in mDNS messages, multiple integer overflows can be triggered, leading to a denial of service. An attacker can send ...

7.5CVSS7.4AI score0.02396EPSS
Exploits1
Talos
Talos
added 2020/03/23 12:0 a.m.35 views

Videolabs libmicrodns 0.1.0 message-parsing bounds denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the message-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing mDNS messages, the implementation does not properly keep track of the available data in the message, possibly leading to an out-of-bounds read that would...

7.5CVSS7.9AI score0.02396EPSS
Exploits1
Talos
Talos
added 2020/03/23 12:0 a.m.61 views

Videolabs libmicrodns 0.1.0 resource record recursive label uncompression denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the resource record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing compressed labels in mDNS messages, the compression pointer is followed without checking for recursion, leading to a denial of service. An attack...

7.5CVSS7.4AI score0.02396EPSS
Exploits1
Talos
Talos
added 2020/03/23 12:0 a.m.41 views

Videolabs libmicrodns 0.1.0 resource allocation denial-of-service vulnerabilities

Summary Multiple exploitable denial-of-service vulnerabilities exist in the resource allocation handling of Videolabs libmicrodns 0.1.0. When encountering errors while parsing mDNS messages, some allocated data is not freed, possibly leading to a denial-of-service condition via resource exhaustio...

7.5CVSS8.1AI score0.03011EPSS
Exploits2
Talos
Talos
added 2020/03/23 12:0 a.m.45 views

Videolabs libmicrodns 0.1.0 rr_decode return value remote code execution vulnerability

Summary An exploitable code execution vulnerability exists in the label-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing compressed labels in mDNS messages, the rrdecode function’s return value is not checked, leading to a double free that could be exploited to execute arbitrary...

9.8CVSS8.2AI score0.03636EPSS
Exploits1
Talos
Talos
added 2020/03/23 12:0 a.m.63 views

Videolabs libmicrodns 0.1.0 mdns_recv return value denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the message-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing mDNS messages in mdnsrecv, the return value of the mdnsreadheader function is not checked, leading to an uninitialized variable usage that eventually...

7.5CVSS7.4AI score0.03011EPSS
Exploits1
Rows per page
Query Builder