Lucene search
Ubuntu.comUB:CVE-2014-9598HistoryJan 21, 2015 - 12:00 a.m.
CVE-2014-9598
2015-01-2100:00:00
ubuntu.com
ubuntu.com
12
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.122 Low
EPSS
Percentile
95.4%
The picture_Release function in misc/picture.c in VideoLAN VLC media player
2.1.5 allows remote attackers to execute arbitrary code or cause a denial
of service (write access violation) via a crafted M2V file.
Bugs
Notes
| Author | Note |
|---|---|
| seth-arnold | vlc claims the bug is in libav, but also say “the 2.2.0-rc2 binaries already fix the problem” |
| mdeslaur | as of 2015-05-08, no indication of a libav fix can’t reproduce with vlc 2.1.6 in trusty, or with precise |
Related
cve
cve
CVE-2014-9598
2015-01-21 15:17:10
cvelist
cvelist
CVE-2014-9598
2015-01-21 11:00:00
nvd
nvd
CVE-2014-9598
2015-01-21 15:17:10
exploitpack
exploitpack
VideoLAN VLC Media Player 2.1.5 - Write Access Violation
2015-01-26 00:00:00
prion
prion
Design/Logic Flaw
2015-01-21 15:17:00
exploitdb
exploitdb
VideoLAN VLC Media Player 2.1.5 - Write Access Violation
2015-01-26 00:00:00
openvas
openvas
VLC Media Player Multiple Vulnerabilities (Jan 2015) - Windows
2015-01-27 00:00:00
VLC Media Player Multiple Vulnerabilities (Jan 2015) - Mac OS X
2015-01-27 00:00:00
VLC Media Player Multiple Vulnerabilities -02 (Jan 2015) - Linux
2015-01-27 00:00:00
kaspersky
kaspersky
KLA10451 Multiple vulnerabilities in VLC
2015-01-21 00:00:00
nessus
nessus
VLC < 2.1.6 Multiple Vulnerabilities
2020-06-24 00:00:00
GLSA-201603-08 : VLC: Multiple vulnerabilities
2016-03-14 00:00:00
gentoo
gentoo
VLC: Multiple vulnerabilities
2016-03-12 00:00:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.122 Low
EPSS
Percentile
95.4%
Related for UB:CVE-2014-9598