Videolan

Vlc Media Player

114 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2016-3941

Exploit
  • EPSS 0.31%
  • Veröffentlicht 18.04.2016 15:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Buffer overflow in the AStreamPeekStream function in input/stream.c in VideoLAN VLC media player before 2.2.0 allows remote attackers to cause a denial of service (crash) via a crafted wav file, related to "seek across EOF."

6.8

CVE-2015-5949

  • EPSS 7.47%
  • Veröffentlicht 25.08.2015 17:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

VideoLAN VLC media player 2.2.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP file, which triggers the freeing of arbitrary pointers.

4.3

CVE-2014-9743

Exploit
  • EPSS 0.26%
  • Veröffentlicht 17.08.2015 15:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in the httpd_HtmlError function in network/httpd.c in the web interface in VideoLAN VLC Media Player before 2.2.0 allows remote attackers to inject arbitrary web script or HTML via the path info.

6.8

CVE-2014-9598

  • EPSS 14.61%
  • Veröffentlicht 21.01.2015 15:17:10
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The picture_Release function in misc/picture.c in VideoLAN VLC media player 2.1.5 allows remote attackers to execute arbitrary code or cause a denial of service (write access violation) via a crafted M2V file.

6.8

CVE-2014-9597

  • EPSS 8.49%
  • Veröffentlicht 21.01.2015 15:17:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The picture_pool_Delete function in misc/picture_pool.c in VideoLAN VLC media player 2.1.5 allows remote attackers to execute arbitrary code or cause a denial of service (DEP violation and application crash) via a crafted FLV file.

7.5

CVE-2011-3623

  • EPSS 3.69%
  • Veröffentlicht 26.12.2014 20:59:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple stack-based buffer overflows in VideoLAN VLC media player before 1.0.2 allow remote attackers to execute arbitrary code via (1) a crafted ASF file, related to the ASF_ObjectDumpDebug function in modules/demux/asf/libasf.c; (2) a crafted AVI ...

7.5

CVE-2010-2062

Exploit
  • EPSS 2.99%
  • Veröffentlicht 26.12.2014 20:59:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Integer underflow in the real_get_rdt_chunk function in real.c, as used in modules/access/rtsp/real.c in VideoLAN VLC media player before 1.0.1 and stream/realrtsp/real.c in MPlayer before r29447, allows remote attackers to execute arbitrary code via...

7.5

CVE-2010-1445

  • EPSS 1.8%
  • Veröffentlicht 26.12.2014 20:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Heap-based buffer overflow in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted byte stream in an RTMP session.

7.5

CVE-2010-1444

  • EPSS 1.9%
  • Veröffentlicht 26.12.2014 20:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The ZIP archive decompressor in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly execute arbitrary code via a crafted archive.

5

CVE-2010-1443

  • EPSS 0.54%
  • Veröffentlicht 26.12.2014 20:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The parse_track_node function in modules/demux/playlist/xspf.c in the XSPF playlist parser in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty lo...