VLC.Media.Player.mp4.trun.Atom.NULL.Pointer.Dereference
Description
This indicates an attack attempt against a Null Pointer Dereference vulnerability in VLC which is a cross-platform media player.
The vulnerability is due to insufficient validation on the value of the 'size' field in atom 'trun' when parsing "traf" atoms. A remote attacker may be able to exploit this to cause a denial of service condition on the affected system.
Affected Products
VLC media player 2.2.1
Prior versions may be affected too
Impact
Denial of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
Upgrade to the latest version which can be downloaded from http://www.videolan.org/index.html.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |