Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2014-9627

Опубликовано: 24 янв. 2020
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.8
CVSS3: 7.8

Описание

The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large box size.

РелизСтатусПримечание
devel

not-affected

2.2.0~rc2-2
esm-apps/xenial

not-affected

2.2.0~rc2-2
esm-infra-legacy/trusty

DNE

trusty/esm was not-affected [2.1.6-0ubuntu14.04.1]
lucid

ignored

end of life
precise

ignored

end of life
precise/esm

DNE

precise was needed
trusty

released

2.1.6-0ubuntu14.04.1
trusty/esm

released

2.1.6-0ubuntu14.04.1
upstream

released

2.1.6,2.2.0
utopic

released

2.2.0-0ubuntu0.14.10.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 56%
0.00338
Низкий

6.8 Medium

CVSS2

7.8 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2014-9627

CVSS3: 7.8
nvd
около 6 лет назад

The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large box size.

debian логотип

CVE-2014-9627

CVSS3: 7.8
debian
около 6 лет назад

The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in Video ...

github логотип

GHSA-9cc5-vmmw-23ff

github
больше 3 лет назад

The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large box size.

fstec логотип

BDU:2019-03981

CVSS3: 9.8
fstec
около 11 лет назад

Уязвимость демультиплексора MP4 программы-медиапроигрывателя VideoLAN VLC, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании

EPSS

Процентиль: 56%
0.00338
Низкий

6.8 Medium

CVSS2

7.8 High

CVSS3