Computer Security
[EN] securityvulns.ru no-pyccku


Videolan vlc multiple security vulnerabilities
Published:28.07.2014
Source:
SecurityVulns ID:13889
Type:library
Threat Level:
6/10
Description:Buffer overflows on different video formats parsing.
Affected:VIDEOLAN : vlc 2.0
CVE:CVE-2013-4388 (Buffer overflow in the mp4a packetizer (modules/packetizer/mpeg4audio.c) in VideoLAN VLC Media Player before 2.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.)
 CVE-2013-1954 (The ASF Demuxer (modules/demux/asf/asf.c) in VideoLAN VLC media player 2.0.5 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ASF movie that triggers an out-of-bounds read.)
 CVE-2013-1868 (Multiple buffer overflows in VideoLAN VLC media player 2.0.4 and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to the (1) freetype renderer and (2) HTML subtitle parser.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2973-1] vlc security update (28.07.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod