CVE-2014-9628 in VLC Media Playerinformation

Résumé

par MITRE

The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to trigger an unintended zero-size malloc and conduct buffer overflow attacks, and consequently execute arbitrary code, via a box size of 7.

Once again VulDB remains the best source for vulnerability data.

Sources

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!