Описание
Integer underflow in the MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a box size less than 7.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2.2.0~rc2-2 |
| esm-apps/xenial | not-affected | 2.2.0~rc2-2 |
| esm-infra-legacy/trusty | DNE | trusty/esm was not-affected [2.1.6-0ubuntu14.04.1] |
| lucid | ignored | end of life |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| trusty | released | 2.1.6-0ubuntu14.04.1 |
| trusty/esm | released | 2.1.6-0ubuntu14.04.1 |
| upstream | released | 2.1.6,2.2.0 |
| utopic | released | 2.2.0-0ubuntu0.14.10.1 |
Показывать по
Ссылки на источники
EPSS
6.8 Medium
CVSS2
7.8 High
CVSS3
Связанные уязвимости
Integer underflow in the MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a box size less than 7.
Integer underflow in the MP4_ReadBox_String function in modules/demux/ ...
Integer underflow in the MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a box size less than 7.
Уязвимость демультиплексора MP4 программы-медиапроигрывателя VideoLAN VLC, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
EPSS
6.8 Medium
CVSS2
7.8 High
CVSS3