VLC Player Gets Patched for Two High-Severity Bugs

Maintainers of the popular open-source VLC media player patched two high-severity bugs Friday. The flaws were an out-of-bound write vulnerability and a stack-buffer-overflow bug. Developers behind the software, VideoLAN, said the patches were two of 33 fixes being pushed out to the media player a...

VLC (European Commission - DIGIT): VLC 4.0.0 - Stack Buffer Overflow (SEH)

Summary: Incorrect calculation of Buffer Size in rist module for VLC leading to Stack Overflow with SEH chain overwrite. The modules/access/rist module has an incorrect calculation of buffer size giving an attacker the possibility to set the buffer size of a local variable by sending a maliciousl...