Описание
A heap-based buffer overflow in the hxxx_AnnexB_to_xVC function in modules/packetizer/hxxx_nal.c in VideoLAN VLC media player before 3.0.11 for macOS/iOS allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted H.264 Annex-B video (.avi for example) file.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | not-affected | 3.0.11-1 |
| eoan | ignored | end of life |
| esm-apps/bionic | released | 3.0.8-0ubuntu18.04.1+esm1 |
| esm-apps/focal | released | 3.0.9.2-1ubuntu0.1~esm1 |
| esm-apps/jammy | not-affected | 3.0.11-1 |
| esm-apps/noble | not-affected | 3.0.11-1 |
| esm-apps/xenial | not-affected | code not present |
| focal | ignored | end of standard support, was needed |
| groovy | not-affected | 3.0.11-1 |
Показывать по
Ссылки на источники
6.8 Medium
CVSS2
7.8 High
CVSS3
Связанные уязвимости
A heap-based buffer overflow in the hxxx_AnnexB_to_xVC function in modules/packetizer/hxxx_nal.c in VideoLAN VLC media player before 3.0.11 for macOS/iOS allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted H.264 Annex-B video (.avi for example) file.
A heap-based buffer overflow in the hxxx_AnnexB_to_xVC function in mod ...
A heap-based buffer overflow in the hxxx_AnnexB_to_xVC function in modules/packetizer/hxxx_nal.c in VideoLAN VLC media player through 3.2.8 for iOS, and through 3.0.10 for macOS, allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted H.264 Annex-B video (.avi for example) file.
Уязвимость функции hxxx_AnnexB_to_xVC() программы-медиапроигрывателя Videolan VLC, позволяющая нарушителю выполнить произвольный код
6.8 Medium
CVSS2
7.8 High
CVSS3