Buffer overflow in Videolan Vlc_media_player
CVE-2011-3623
Multiple stack-based buffer overflows in VideoLAN VLC media player before 1.0.2 allow remote attackers to execute arbitrary code via (1) a crafted ASF file, related to the ASF_ObjectDumpDebug function in modules/demux/asf/libasf.c; (2) a c…
Vulnerability class: Buffer Overflow
EPSS: 0.037 (88.2th percentile)
Affected products
- Videolan Vlc_media_player — versions 0.5.0, 0.5.1, 0.5.2
References
- secalert@redhat.com (x_refsource_CONFIRM, Vendor Advisory)
- [oss-security] 20111018 Re: CVE requests: <media-video/vlc-1.0.2: Multiple stack-based buffer overflows in ASF, AVI, MP4 demuxers and https://bugs.gentoo.org/show_bug.cgi?id=279340 (mailing-list, x_refsource_MLIST)