CVE-2019-2185

In VlcDequantH263IntraBlockSH of vlcdequant.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.1.1...

CVE-2019-5460

Double Free in VLC versions = 3.0.6 leads to a crash...

USN-7243-1: VLC vulnerability

It was discovered that VLC incorrectly handled memory when reading an MMS stream. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : VLC vulnerability (USN-7243-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7243-1 advisory. It was discovered that VLC incorrectly handled memory when reading an MMS stream. An attacker could possibly use...

ROS-2-466

2.466 VLC vulnerabilities with specially designed playlists 1. Vulnerability description: A remote user can create a specially crafted file that can cause various issues. It is possible to trigger remote code execution through a specially created playlist and trick the user into interacting with...

ROS-2-1221

2.1221 Vulnerability in VLC CVE-2019-19721, CVE-2020-6071, CVE-2020-6072, CVE-2020-6073, CVE-2020-6077, CVE-2020-6078, CVE-2020-6079 1. Vulnerability Description: The vulnerability allows a remote user to: - create a customized image file that can cause an out-of-bounds read, - send a specially...

CVE-2023-47359

Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket and results in a memory corruption...

ROS-2-639

2.639 Vulnerability in VLC CVE-2019-19721, CVE-2020-6071, CVE-2020-6072, CVE-2020-6073, CVE-2020-6077, CVE-2020-6078, CVE-2020-6079 1. Vulnerability Description: The vulnerability allows a remote user to: - create a customized image file that can cause an out-of-bounds read, - send a specially...

ROS-2-1534

2.1534 VLC vulnerabilities with specially designed playlists 1. Vulnerability description: A remote user can create a specially crafted file that can cause various issues. It is possible to trigger remote code execution through a specially created playlist and trick the user into interacting with...

ROS-2-799

2.799 VLC vulnerability CVE-2020-13428 1. Vulnerability description: Vulnerability in VLC 3.0.11 player The vulnerability could cause a buffer overflow in the hxxxAnnexBtoxVC function. The vulnerability potentially allows to organize attacker's code execution when playing specially formatted vide...

ROS-2-803

2.803 Vulnerability in VLC CVE-2019-19721, CVE-2020-6071, CVE-2020-6072, CVE-2020-6073, CVE-2020-6077, CVE-2020-6078, CVE-2020-6079 1. Vulnerability Description: The vulnerability allows a remote user to: - create a customized image file that can cause an out-of-bounds read, - send a specially...

ROS-2-614

2.614 Vulnerability in VLC CVE-2019-19721, CVE-2020-6071, CVE-2020-6072, CVE-2020-6073, CVE-2020-6077, CVE-2020-6078, CVE-2020-6079 1. Vulnerability Description: The vulnerability allows a remote user to: - create a customized image file that can cause an out-of-bounds read, - send a specially...

Arbitrary Code Execution

vlc is vulnerable to arbitrary code execution. An out-of-bounds read in the AVIExtractSubtitle component allows an attacker to execute arbitrary code on the host OS via a malicious .avi file...

Arbitrary Code Execution

vlc is vulnerable to arbitrary code execution. A use-after-free in the Control function in demux/mkv/mkv.cpp allows an attacker to execute arbitrary code on the host OS...

Arbitrary Code Execution

vlc is vulnerable to arbitrary code execution. The vulnerability exists a heap-based buffer over-read exists in DemuxInit in demux/asf/asf.c...

DEBIAN-CVE-2019-13602

An Integer Underflow in MP4EIA608Convert in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service heap-based buffer overflow and crash or possibly have unspecified other impact via a crafted .mp4 file...

VideoLAN VLC media player buffer overflow vulnerability (CNVD-2019-25509)

VideoLAN VLC media player is a free, open source cross-platform multimedia player also a multimedia framework organized by VideoLAN France. The product supports the playback of a variety of media files, CD-ROMs, etc., a variety of audio and video formats WMV, MP3, etc. and so on. A buffer overflo...

vlcmms-overflow.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - Orange Bat advisory - Name : VLC 0.8.6i MMS Protocol Handling Class : Heap Overflow Published : 2008-08-24 Credit : g g orange-bat com - - Details - This can be exploited from remote. User have to open mmst:// link poiting to server controlled by...

CVE-2008-1881

Stack-based buffer overflow in the ParseSSA function modules/demux/subtitle.c in VLC 0.8.6e allows remote attackers to execute arbitrary code via a long subtitle in an SSA file. NOTE: this issue is due to an incomplete fix for CVE-2007-6681...