Total
113 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-3275 | 1 Videolan | 1 Vlc Media Player | 2023-12-10 | 9.3 HIGH | N/A |
libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an AMV file, related to a "dangling pointer vulnerability." | |||||
CVE-2011-2588 | 1 Videolan | 1 Vlc Media Player | 2023-12-10 | 6.8 MEDIUM | N/A |
Heap-based buffer overflow in the AVI_ChunkRead_strf function in libavi.c in the AVI demuxer in VideoLAN VLC media player before 1.1.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted AVI media file. | |||||
CVE-2011-1087 | 1 Videolan | 1 Vlc Media Player | 2023-12-10 | 7.6 HIGH | N/A |
Buffer overflow in VideoLAN VLC media player 1.0.5 allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .mp3 file that is played during bookmark creation. | |||||
CVE-2012-0904 | 1 Videolan | 1 Vlc Media Player | 2023-12-10 | 4.3 MEDIUM | N/A |
VLC media player 1.1.11 allows remote attackers to cause a denial of service (crash) via a long string in an amr file. | |||||
CVE-2011-0522 | 1 Videolan | 1 Vlc Media Player | 2023-12-10 | 6.8 MEDIUM | N/A |
The StripTags function in (1) the USF decoder (modules/codec/subtitles/subsdec.c) and (2) the Text decoder (modules/codec/subtitles/subsusf.c) in VideoLAN VLC Media Player 1.1 before 1.1.6-rc allows remote attackers to execute arbitrary code via a subtitle with an opening "<" without a closing ">" in an MKV file, which triggers heap memory corruption, as demonstrated using refined-australia-blu720p-sample.mkv. | |||||
CVE-2011-0021 | 1 Videolan | 1 Vlc Media Player | 2023-12-10 | 9.3 HIGH | N/A |
Multiple heap-based buffer overflows in cdg.c in the CDG decoder in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted CDG video. | |||||
CVE-2011-2194 | 1 Videolan | 1 Vlc Media Player | 2023-12-10 | 9.3 HIGH | N/A |
Integer overflow in the XSPF playlist parser in VideoLAN VLC media player 0.8.5 through 1.1.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow. | |||||
CVE-2010-2937 | 1 Videolan | 1 Vlc Media Player | 2023-12-10 | 5.0 MEDIUM | N/A |
The ReadMetaFromId3v2 function in taglib.cpp in the TagLib plugin in VideoLAN VLC media player 0.9.0 through 1.1.2 does not properly process ID3v2 tags, which allows remote attackers to cause a denial of service (application crash) via a crafted media file. | |||||
CVE-2011-2587 | 1 Videolan | 1 Vlc Media Player | 2023-12-10 | 6.8 MEDIUM | N/A |
Heap-based buffer overflow in the DemuxAudioSipr function in real.c in the RealMedia demuxer in VideoLAN VLC media player 1.1.x before 1.1.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Real Media file. | |||||
CVE-2012-1776 | 1 Videolan | 1 Vlc Media Player | 2023-12-10 | 9.3 HIGH | N/A |
Multiple heap-based buffer overflows in VideoLAN VLC media player before 2.0.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Real RTSP stream. | |||||
CVE-2010-0364 | 1 Videolan | 1 Vlc Media Player | 2023-12-10 | 9.3 HIGH | N/A |
Stack-based buffer overflow in VideoLAN VLC Media Player 0.8.6 allows user-assisted remote attackers to execute arbitrary code via an ogg file with a crafted Advanced SubStation Alpha Subtitle (.ass) file, probably involving the Dialogue field. | |||||
CVE-2011-0531 | 1 Videolan | 1 Vlc Media Player | 2023-12-10 | 9.3 HIGH | N/A |
demux/mkv/mkv.hpp in the MKV demuxer plugin in VideoLAN VLC media player 1.1.6.1 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary commands via a crafted MKV (WebM or Matroska) file that triggers memory corruption, related to "class mismatching" and the MKV_IS_ID macro. | |||||
CVE-2012-1775 | 1 Videolan | 1 Vlc Media Player | 2023-12-10 | 9.3 HIGH | N/A |
Stack-based buffer overflow in VideoLAN VLC media player before 2.0.1 allows remote attackers to execute arbitrary code via a crafted MMS:// stream. | |||||
CVE-2009-1045 | 1 Videolan | 1 Vlc Media Player | 2023-12-10 | 5.0 MEDIUM | N/A |
requests/status.xml in VLC 0.9.8a allows remote attackers to cause a denial of service (stack consumption and crash) via a long input argument in an in_play action. | |||||
CVE-2008-2430 | 2 Microsoft, Videolan | 2 Windows Nt, Vlc Media Player | 2023-12-10 | 9.3 HIGH | N/A |
Integer overflow in the Open function in modules/demux/wav.c in VLC Media Player 0.8.6h on Windows allows remote attackers to execute arbitrary code via a large fmt chunk in a WAV file. | |||||
CVE-2009-2484 | 2 Microsoft, Videolan | 2 Windows, Vlc Media Player | 2023-12-10 | 9.3 HIGH | N/A |
Stack-based buffer overflow in the Win32AddConnection function in modules/access/smb.c in VideoLAN VLC media player 0.9.9, when running on Microsoft Windows, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long smb URI in a playlist file. | |||||
CVE-2008-5036 | 1 Videolan | 1 Vlc Media Player | 2023-12-10 | 9.3 HIGH | N/A |
Stack-based buffer overflow in VideoLAN VLC media player 0.9.x before 0.9.6 might allow user-assisted attackers to execute arbitrary code via an an invalid RealText (rt) subtitle file, related to the ParseRealText function in modules/demux/subtitle.c. NOTE: this issue was SPLIT from CVE-2008-5032 on 20081110. | |||||
CVE-2008-5032 | 1 Videolan | 1 Vlc Media Player | 2023-12-10 | 9.3 HIGH | N/A |
Stack-based buffer overflow in VideoLAN VLC media player 0.5.0 through 0.9.5 might allow user-assisted attackers to execute arbitrary code via the header of an invalid CUE image file, related to modules/access/vcd/cdrom.c. NOTE: this identifier originally included an issue related to RealText, but that issue has been assigned a separate identifier, CVE-2008-5036. | |||||
CVE-2008-5276 | 1 Videolan | 1 Vlc Media Player | 2023-12-10 | 9.3 HIGH | N/A |
Integer overflow in the ReadRealIndex function in real.c in the Real demuxer plugin in VideoLAN VLC media player 0.9.0 through 0.9.7 allows remote attackers to execute arbitrary code via a malformed RealMedia (.rm) file that triggers a heap-based buffer overflow. | |||||
CVE-2008-4654 | 1 Videolan | 1 Vlc Media Player | 2023-12-10 | 9.3 HIGH | N/A |
Stack-based buffer overflow in the parse_master function in the Ty demux plugin (modules/demux/ty.c) in VLC Media Player 0.9.0 through 0.9.4 allows remote attackers to execute arbitrary code via a TiVo TY media file with a header containing a crafted size value. |