Описание
Integer underflow in the MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a box size less than 7.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| vlc | fixed | 2.2.0~rc2-2 | package | |
| vlc | end-of-life | squeeze | package |
Примечания
https://github.com/videolan/vlc/commit/2e7c7091a61aa5d07e7997b393d821e91f593c39
EPSS
Связанные уязвимости
Integer underflow in the MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a box size less than 7.
Integer underflow in the MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a box size less than 7.
Integer underflow in the MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a box size less than 7.
Уязвимость демультиплексора MP4 программы-медиапроигрывателя VideoLAN VLC, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
EPSS