VideoLAN.VLC.Subtitle.Buffer.Overflow
Description
This indicates an attempt to exploit one of multiple buffer-overflow vulnerabilities in VLC Media Player.
There are two vulnerabilities in VLC Media Player.
The first is caused by a buffer-overflow that occurs when handling subtitles.
The second is caused by a format string error in the tiny web interface. Either vulnerability can be exploited by attackers to crash the application or execute arbitrary code.
Affected Products
VLC version 0.8.6d 0.8.6b
Other versions may also be affected.
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Fixes have been committed to the subversion repository of VLC, but currently we are not aware of a vendor supplied patch for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2023-08-01 | 25.612 | Name:VideoLan. VLC. Subtitle. Buffer. Overflow:VideoLAN. VLC. Subtitle. Buffer. Overflow |