Videolan » Vlc Media Player : Security Vulnerabilities, CVEs, CVSS score >= 9
Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption.
Max CVSS
9.8
EPSS Score
0.09%
Published
2023-11-07
Updated
2023-12-01
lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height.
Max CVSS
9.8
EPSS Score
0.91%
Published
2019-07-18
Updated
2022-04-18
An issue was discovered in zlib_decompress_extra in modules/demux/mkv/util.cpp in VideoLAN VLC media player 3.x through 3.0.7. The Matroska demuxer, while parsing a malformed MKV file type, has a double free.
Max CVSS
9.8
EPSS Score
6.70%
Published
2019-06-18
Updated
2019-06-25
The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3.0.4 may read memory from an uninitialized pointer when processing magic cookies in CAF files, because a ReadKukiChunk() cast converts a return value to an unsigned int even if that value is negative. This could result in a denial of service and/or a potential infoleak.
Max CVSS
9.1
EPSS Score
86.59%
Published
2018-12-05
Updated
2019-07-25
avcodec 2.2.x, as used in VideoLAN VLC media player 2.2.7-x before 2017-06-29, allows out-of-bounds heap memory write due to calling memcpy() with a wrong size, leading to a denial of service (application crash) or possibly code execution.
Max CVSS
9.8
EPSS Score
0.43%
Published
2017-06-30
Updated
2017-11-23
Buffer overflow in the DecodeAdpcmImaQT function in modules/codec/adpcm.c in VideoLAN VLC media player before 2.2.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted QuickTime IMA file.
Max CVSS
9.8
EPSS Score
28.17%
Published
2016-06-08
Updated
2017-07-01
Multiple buffer overflows in VideoLAN VLC media player 2.0.4 and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to the (1) freetype renderer and (2) HTML subtitle parser.
Max CVSS
9.3
EPSS Score
23.16%
Published
2013-07-10
Updated
2017-09-19
Multiple heap-based buffer overflows in VideoLAN VLC media player before 2.0.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Real RTSP stream.
Max CVSS
9.3
EPSS Score
5.25%
Published
2012-03-19
Updated
2018-01-06
CVE-2012-1775
Public exploit
Stack-based buffer overflow in VideoLAN VLC media player before 2.0.1 allows remote attackers to execute arbitrary code via a crafted MMS:// stream.
Max CVSS
9.3
EPSS Score
95.92%
Published
2012-03-19
Updated
2017-12-14
Double free vulnerability in the get_chunk_header function in modules/demux/ty.c in VideoLAN VLC media player 0.9.0 through 1.1.12 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TiVo (TY) file.
Max CVSS
9.3
EPSS Score
5.97%
Published
2012-10-30
Updated
2017-11-30
Integer overflow in the XSPF playlist parser in VideoLAN VLC media player 0.8.5 through 1.1.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow.
Max CVSS
9.3
EPSS Score
16.62%
Published
2011-06-24
Updated
2017-09-19
CVE-2011-0531
Public exploit
demux/mkv/mkv.hpp in the MKV demuxer plugin in VideoLAN VLC media player 1.1.6.1 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary commands via a crafted MKV (WebM or Matroska) file that triggers memory corruption, related to "class mismatching" and the MKV_IS_ID macro.
Max CVSS
9.3
EPSS Score
96.97%
Published
2011-02-07
Updated
2017-09-19
Multiple heap-based buffer overflows in cdg.c in the CDG decoder in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted CDG video.
Max CVSS
9.3
EPSS Score
4.04%
Published
2011-01-25
Updated
2017-09-19
Multiple integer overflows in real.c in the Real demuxer plugin in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a zero i_subpackets value in a Real Media file, leading to a heap-based buffer overflow.
Max CVSS
9.3
EPSS Score
5.09%
Published
2011-01-03
Updated
2017-09-19
libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an NSV file.
Max CVSS
9.3
EPSS Score
8.46%
Published
2011-03-28
Updated
2018-10-10
CVE-2010-3275
Public exploit
libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an AMV file, related to a "dangling pointer vulnerability."
Max CVSS
9.3
EPSS Score
93.76%
Published
2011-03-28
Updated
2018-10-10
Untrusted search path vulnerability in bin/winvlc.c in VLC Media Player 1.1.3 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll that is located in the same folder as a .mp3 file.
Max CVSS
9.3
EPSS Score
8.20%
Published
2010-08-26
Updated
2017-09-19
Stack-based buffer overflow in VideoLAN VLC Media Player 0.8.6 allows user-assisted remote attackers to execute arbitrary code via an ogg file with a crafted Advanced SubStation Alpha Subtitle (.ass) file, probably involving the Dialogue field.
Max CVSS
9.3
EPSS Score
12.55%
Published
2010-01-21
Updated
2017-09-19
CVE-2009-2484
Public exploit
Stack-based buffer overflow in the Win32AddConnection function in modules/access/smb.c in VideoLAN VLC media player 0.9.9, when running on Microsoft Windows, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long smb URI in a playlist file.
Max CVSS
9.3
EPSS Score
96.50%
Published
2009-07-16
Updated
2017-09-19
Integer overflow in the ReadRealIndex function in real.c in the Real demuxer plugin in VideoLAN VLC media player 0.9.0 through 0.9.7 allows remote attackers to execute arbitrary code via a malformed RealMedia (.rm) file that triggers a heap-based buffer overflow.
Max CVSS
9.3
EPSS Score
30.09%
Published
2008-12-03
Updated
2018-10-11
CVE-2008-5036
Public exploit
Stack-based buffer overflow in VideoLAN VLC media player 0.9.x before 0.9.6 might allow user-assisted attackers to execute arbitrary code via an an invalid RealText (rt) subtitle file, related to the ParseRealText function in modules/demux/subtitle.c. NOTE: this issue was SPLIT from CVE-2008-5032 on 20081110.
Max CVSS
9.3
EPSS Score
97.01%
Published
2008-11-10
Updated
2018-10-11
Stack-based buffer overflow in VideoLAN VLC media player 0.5.0 through 0.9.5 might allow user-assisted attackers to execute arbitrary code via the header of an invalid CUE image file, related to modules/access/vcd/cdrom.c. NOTE: this identifier originally included an issue related to RealText, but that issue has been assigned a separate identifier, CVE-2008-5036.
Max CVSS
9.3
EPSS Score
0.78%
Published
2008-11-10
Updated
2018-10-11
Multiple integer overflows in ty.c in the TY demux plugin (aka the TiVo demuxer) in VideoLAN VLC media player, probably 0.9.4, might allow remote attackers to execute arbitrary code via a crafted .ty file, a different vulnerability than CVE-2008-4654.
Max CVSS
9.3
EPSS Score
3.52%
Published
2008-10-22
Updated
2017-09-29
CVE-2008-4654
Public exploit
Stack-based buffer overflow in the parse_master function in the Ty demux plugin (modules/demux/ty.c) in VLC Media Player 0.9.0 through 0.9.4 allows remote attackers to execute arbitrary code via a TiVo TY media file with a header containing a crafted size value.
Max CVSS
9.3
EPSS Score
75.35%
Published
2008-10-22
Updated
2018-10-11
Integer overflow in the Open function in modules/demux/tta.c in VLC Media Player 0.8.6i allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TTA file, which triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
Max CVSS
9.3
EPSS Score
9.82%
Published
2008-08-20
Updated
2017-09-29