Total
113 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-1445 | 1 Videolan | 1 Vlc Media Player | 2024-02-28 | 7.5 HIGH | N/A |
Heap-based buffer overflow in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted byte stream in an RTMP session. | |||||
CVE-2013-7340 | 1 Videolan | 1 Vlc Media Player | 2024-02-28 | 4.3 MEDIUM | N/A |
VideoLAN VLC Media Player before 2.0.7 allows remote attackers to cause a denial of service (memory consumption) via a crafted playlist file. | |||||
CVE-2014-1684 | 1 Videolan | 1 Vlc Media Player | 2024-02-28 | 4.3 MEDIUM | N/A |
The ASF_ReadObject_file_properties function in modules/demux/asf/libasf.c in the ASF Demuxer in VideoLAN VLC Media Player before 2.1.3 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a zero minimum and maximum data packet size in an ASF file. | |||||
CVE-2010-2062 | 1 Videolan | 1 Vlc Media Player | 2024-02-28 | 7.5 HIGH | N/A |
Integer underflow in the real_get_rdt_chunk function in real.c, as used in modules/access/rtsp/real.c in VideoLAN VLC media player before 1.0.1 and stream/realrtsp/real.c in MPlayer before r29447, allows remote attackers to execute arbitrary code via a crafted length value in an RDT chunk header. | |||||
CVE-2010-1444 | 1 Videolan | 1 Vlc Media Player | 2024-02-28 | 7.5 HIGH | N/A |
The ZIP archive decompressor in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly execute arbitrary code via a crafted archive. | |||||
CVE-2011-3623 | 1 Videolan | 1 Vlc Media Player | 2024-02-28 | 7.5 HIGH | N/A |
Multiple stack-based buffer overflows in VideoLAN VLC media player before 1.0.2 allow remote attackers to execute arbitrary code via (1) a crafted ASF file, related to the ASF_ObjectDumpDebug function in modules/demux/asf/libasf.c; (2) a crafted AVI file, related to the AVI_ChunkDumpDebug_level function in modules/demux/avi/libavi.c; or (3) a crafted MP4 file, related to the __MP4_BoxDumpStructure function in modules/demux/mp4/libmp4.c. | |||||
CVE-2013-6283 | 1 Videolan | 1 Vlc Media Player | 2024-02-28 | 7.5 HIGH | N/A |
VideoLAN VLC Media Player 2.0.8 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a URL in a m3u file. | |||||
CVE-2013-1868 | 1 Videolan | 1 Vlc Media Player | 2024-02-28 | 9.3 HIGH | N/A |
Multiple buffer overflows in VideoLAN VLC media player 2.0.4 and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to the (1) freetype renderer and (2) HTML subtitle parser. | |||||
CVE-2013-4388 | 1 Videolan | 1 Vlc Media Player | 2024-02-28 | 6.8 MEDIUM | N/A |
Buffer overflow in the mp4a packetizer (modules/packetizer/mpeg4audio.c) in VideoLAN VLC Media Player before 2.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. | |||||
CVE-2012-3377 | 1 Videolan | 1 Vlc Media Player | 2024-02-28 | 6.8 MEDIUM | N/A |
Heap-based buffer overflow in the Ogg_DecodePacket function in the OGG demuxer (modules/demux/ogg.c) in VideoLAN VLC media player before 2.0.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted OGG file. | |||||
CVE-2012-2396 | 1 Videolan | 1 Vlc Media Player | 2024-02-28 | 4.3 MEDIUM | N/A |
VideoLAN VLC media player 2.0.1 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted MP4 file. | |||||
CVE-2012-5470 | 1 Videolan | 1 Vlc Media Player | 2024-02-28 | 4.3 MEDIUM | N/A |
libpng_plugin in VideoLAN VLC media player 2.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted PNG file. | |||||
CVE-2012-5855 | 1 Videolan | 1 Vlc Media Player | 2024-02-28 | 4.3 MEDIUM | N/A |
The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and earlier might allow user-assisted attackers to cause a denial of service (crash) via a crafted file name that triggers an incorrect string-length calculation when the file is added to VLC. NOTE: it is not clear whether this issue crosses privilege boundaries or whether it can be exploited without user interaction. | |||||
CVE-2012-0023 | 1 Videolan | 1 Vlc Media Player | 2024-02-28 | 9.3 HIGH | N/A |
Double free vulnerability in the get_chunk_header function in modules/demux/ty.c in VideoLAN VLC media player 0.9.0 through 1.1.12 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TiVo (TY) file. | |||||
CVE-2013-1954 | 1 Videolan | 1 Vlc Media Player | 2024-02-28 | 6.8 MEDIUM | N/A |
The ASF Demuxer (modules/demux/asf/asf.c) in VideoLAN VLC media player 2.0.5 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ASF movie that triggers an out-of-bounds read. | |||||
CVE-2011-2587 | 1 Videolan | 1 Vlc Media Player | 2024-02-28 | 6.8 MEDIUM | N/A |
Heap-based buffer overflow in the DemuxAudioSipr function in real.c in the RealMedia demuxer in VideoLAN VLC media player 1.1.x before 1.1.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Real Media file. | |||||
CVE-2010-0364 | 1 Videolan | 1 Vlc Media Player | 2024-02-28 | 9.3 HIGH | N/A |
Stack-based buffer overflow in VideoLAN VLC Media Player 0.8.6 allows user-assisted remote attackers to execute arbitrary code via an ogg file with a crafted Advanced SubStation Alpha Subtitle (.ass) file, probably involving the Dialogue field. | |||||
CVE-2011-0522 | 1 Videolan | 1 Vlc Media Player | 2024-02-28 | 6.8 MEDIUM | N/A |
The StripTags function in (1) the USF decoder (modules/codec/subtitles/subsdec.c) and (2) the Text decoder (modules/codec/subtitles/subsusf.c) in VideoLAN VLC Media Player 1.1 before 1.1.6-rc allows remote attackers to execute arbitrary code via a subtitle with an opening "<" without a closing ">" in an MKV file, which triggers heap memory corruption, as demonstrated using refined-australia-blu720p-sample.mkv. | |||||
CVE-2011-2588 | 1 Videolan | 1 Vlc Media Player | 2024-02-28 | 6.8 MEDIUM | N/A |
Heap-based buffer overflow in the AVI_ChunkRead_strf function in libavi.c in the AVI demuxer in VideoLAN VLC media player before 1.1.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted AVI media file. | |||||
CVE-2010-3907 | 1 Videolan | 1 Vlc Media Player | 2024-02-28 | 9.3 HIGH | N/A |
Multiple integer overflows in real.c in the Real demuxer plugin in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a zero i_subpackets value in a Real Media file, leading to a heap-based buffer overflow. |