Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-cwpg-j8r2-wpc3

Опубликовано: 17 мая 2022
Источник: github
Github: Не прошло ревью
CVSS3: 7.8

Описание

The rtp_packetize_xiph_config function in modules/stream_out/rtpfmt.c in VideoLAN VLC media player before 2.1.6 uses a stack-allocation approach with a size determined by arbitrary input data, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted length value.

The rtp_packetize_xiph_config function in modules/stream_out/rtpfmt.c in VideoLAN VLC media player before 2.1.6 uses a stack-allocation approach with a size determined by arbitrary input data, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted length value.

Ссылки

EPSS

Процентиль: 60%
0.00398
Низкий

7.8 High

CVSS3

CVE ID

CVE-2014-9630

Дефекты

CWE-119

Связанные уязвимости

ubuntu логотип

CVE-2014-9630

CVSS3: 7.8
ubuntu
около 6 лет назад

The rtp_packetize_xiph_config function in modules/stream_out/rtpfmt.c in VideoLAN VLC media player before 2.1.6 uses a stack-allocation approach with a size determined by arbitrary input data, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted length value.

nvd логотип

CVE-2014-9630

CVSS3: 7.8
nvd
около 6 лет назад

The rtp_packetize_xiph_config function in modules/stream_out/rtpfmt.c in VideoLAN VLC media player before 2.1.6 uses a stack-allocation approach with a size determined by arbitrary input data, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted length value.

debian логотип

CVE-2014-9630

CVSS3: 7.8
debian
около 6 лет назад

The rtp_packetize_xiph_config function in modules/stream_out/rtpfmt.c ...

fstec логотип

BDU:2019-03984

CVSS3: 9.8
fstec
около 11 лет назад

Уязвимость реализации протокола RTP программы-медиапроигрывателя VideoLAN VLC, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании

EPSS

Процентиль: 60%
0.00398
Низкий

7.8 High

CVSS3

CVE ID

CVE-2014-9630

Дефекты

CWE-119