Описание
VLC media player 3.0.20 and earlier is vulnerable to denial of service through an integer overflow which could be triggered with a maliciously crafted mms stream (heap based overflow). If successful, a malicious third party could trigger either a crash of VLC or an arbitrary code execution with the target user's privileges.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 3.0.21-2 |
| esm-apps/bionic | released | 3.0.8-0ubuntu18.04.1+esm3 |
| esm-apps/focal | released | 3.0.9.2-1ubuntu0.1~esm3 |
| esm-apps/jammy | released | 3.0.16-1ubuntu0.1~esm3 |
| esm-apps/noble | released | 3.0.20-3ubuntu0.1~esm1 |
| esm-apps/xenial | released | 2.2.2-5ubuntu0.16.04.5+esm4 |
| focal | ignored | |
| jammy | ignored | |
| noble | ignored | |
| oracular | not-affected | 3.0.21-2 |
Показывать по
8 High
CVSS3
Связанные уязвимости
VLC media player 3.0.20 and earlier is vulnerable to denial of service through an integer overflow which could be triggered with a maliciously crafted mms stream (heap based overflow). If successful, a malicious third party could trigger either a crash of VLC or an arbitrary code execution with the target user's privileges.
VLC media player 3.0.20 and earlier is vulnerable to denial of service ...
VLC media player 3.0.20 and earlier is vulnerable to denial of service through an integer overflow which could be triggered with a maliciously crafted mms stream (heap based overflow). If successful, a malicious third party could trigger either a crash of VLC or an arbitrary code execution with the target user's privileges.
Уязвимость медиаплеера VLC Media Player, связанная с переполнением буфера в куче, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код в контексте root
8 High
CVSS3