VideoLAN VLC media player before 2.1.5 allows remote attackers to execute arbitrary code or cause a denial of service.
References
Link | Resource |
---|---|
http://billblough.net/blog/2015/03/04/cve-2014-6440-heap-overflow-in-vlc-transcode-module/ | Exploit Patch Technical Description Third Party Advisory |
http://seclists.org/oss-sec/2015/q1/751 | Patch Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/72950 | Third Party Advisory VDB Entry |
http://www.videolan.org/developers/vlc-branch/NEWS | Release Notes Vendor Advisory |
https://security.gentoo.org/glsa/201603-08 | Third Party Advisory VDB Entry |
Configurations
History
No history.
Information
Published : 2017-03-28 15:59
Updated : 2024-02-28 15:44
NVD link : CVE-2014-6440
Mitre link : CVE-2014-6440
CVE.ORG link : CVE-2014-6440
JSON object : View
Products Affected
videolan
- vlc
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer