virus logo Intrusion Prevention

VLC.Media.Player.mp4.trun.Atom.NULL.Pointer.Dereference

description-logoDescription

This indicates an attack attempt against a Null Pointer Dereference vulnerability in VLC which is a cross-platform media player.
The vulnerability is due to insufficient validation on the value of the 'size' field in atom 'trun' when parsing "traf" atoms. A remote attacker may be able to exploit this to cause a denial of service condition on the affected system.

affected-products-logoAffected Products

VLC media player 2.2.1
Prior versions may be affected too

Impact logoImpact

Denial of Service: Remote attackers can crash vulnerable systems.

recomended-action-logoRecommended Actions

Upgrade to the latest version which can be downloaded from http://www.videolan.org/index.html.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

https://www.videolan.org/developers/vlc-branch/NEWS
ID 40516
Created May 08, 2015
Updated Aug 09, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID
Default Action drop
Active
Affected OS All
Affected App Other