Multiple stack-based buffer overflow vulnerabilities in VideoLAN VLC media player via crafted filesID: oval:org.secpod.oval:def:22341 | Date: (C)2015-01-02 (M)2023-11-13 |
Class: VULNERABILITY | Family: windows |
The host is installed with VideoLAN VLC media player 0.5.0 through 1.0.1 and is prone to multiple stack-based buffer overflow vulnerabilities. The flaws are present in the application, which fails to handle (1) a crafted ASF file, related to the ASF_ObjectDumpDebug function in modules/demux/asf/libasf.c; (2) a crafted AVI file, related to the AVI_ChunkDumpDebug_level function in modules/demux/avi/libavi.c; or (3) a crafted MP4 file, related to the __MP4_BoxDumpStructure function in modules/demux/mp4/libmp4.c. Successful exploitation could allow attackers to execute arbitrary code.
Platform: |
Microsoft Windows 11 |
Microsoft Windows Server 2022 |
Microsoft Windows Server |
Microsoft Windows Server 2019 |
Microsoft Windows Server 2016 |
Microsoft Windows 7 |
Microsoft Windows 8 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Vista |
Microsoft Windows XP |
Microsoft Windows 10 |