109 matches found
PT-2020-2816 · Videolabs +1 · Libmicrodns +1
Name of the Vulnerable Software and Affected Versions: Videolabs libmicrodns version 0.1.0 Description: An exploitable denial-of-service issue exists in the resource allocation handling of Videolabs libmicrodns. When encountering errors while parsing mDNS messages, some allocated data is not free...
PT-2020-2144 · Videolabs +2 · Libmicrodns +2
Name of the Vulnerable Software and Affected Versions: Videolabs libmicrodns version 0.1.0 Description: The issue is related to a buffer overflow in the microdns library of the VideoLAN VLC media player, allowing a remote attacker to cause a denial of service or execute arbitrary code using a...
Vulnerability Spotlight: Multiple vulnerabilities in Videolabs libmicrodns
Claudio Bozzato of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. A specific library in the Videolabs family of software contains multiple vulnerabilities that could lead to denial of service and code execution. Videolabs is a company founded by VideoLAN members and is the...
Videolabs libmicrodns 0.1.0 TXT record RDATA-parsing denial-of-service vulnerability
Summary An exploitable denial-of-service vulnerability exists in the TXT record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing the RDATA section in a TXT record in mDNS messages, multiple integer overflows can be triggered, leading to a denial of service. An attacker can send ...
Videolabs libmicrodns 0.1.0 message-parsing bounds denial-of-service vulnerability
Summary An exploitable denial-of-service vulnerability exists in the message-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing mDNS messages, the implementation does not properly keep track of the available data in the message, possibly leading to an out-of-bounds read that would...
Videolabs libmicrodns 0.1.0 resource record recursive label uncompression denial-of-service vulnerability
Summary An exploitable denial-of-service vulnerability exists in the resource record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing compressed labels in mDNS messages, the compression pointer is followed without checking for recursion, leading to a denial of service. An attack...
Videolabs libmicrodns 0.1.0 resource allocation denial-of-service vulnerabilities
Summary Multiple exploitable denial-of-service vulnerabilities exist in the resource allocation handling of Videolabs libmicrodns 0.1.0. When encountering errors while parsing mDNS messages, some allocated data is not freed, possibly leading to a denial-of-service condition via resource exhaustio...
Videolabs libmicrodns 0.1.0 rr_decode return value remote code execution vulnerability
Summary An exploitable code execution vulnerability exists in the label-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing compressed labels in mDNS messages, the rrdecode function’s return value is not checked, leading to a double free that could be exploited to execute arbitrary...
Videolabs libmicrodns 0.1.0 mdns_recv return value denial-of-service vulnerability
Summary An exploitable denial-of-service vulnerability exists in the message-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing mDNS messages in mdnsrecv, the return value of the mdnsreadheader function is not checked, leading to an uninitialized variable usage that eventually...