An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a crafted .mp4 file.
Max CVSS
7.8
EPSS Score
0.67%
Published
2019-07-14
Updated
2022-04-18
lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height.
Max CVSS
9.8
EPSS Score
0.91%
Published
2019-07-18
Updated
2022-04-18
The xiph_SplitHeaders function in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 does not check array bounds properly. As a result, a heap-based buffer over-read can be triggered via a crafted .ogg file.
Max CVSS
7.8
EPSS Score
0.15%
Published
2019-08-29
Updated
2020-08-24
A heap-based buffer over-read in xiph_PackHeaders() in modules/demux/xiph.h in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer over-read via a crafted .ogg file.
Max CVSS
7.8
EPSS Score
0.22%
Published
2019-08-29
Updated
2020-08-18
A divide-by-zero error exists in the Control function of demux/caf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted CAF file.
Max CVSS
7.8
EPSS Score
0.19%
Published
2019-08-29
Updated
2020-08-18
The Control function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 has a use-after-free.
Max CVSS
7.8
EPSS Score
0.19%
Published
2019-08-29
Updated
2020-08-18
In VideoLAN VLC media player 3.0.7.1, there is a NULL pointer dereference at the function SeekPercent of demux/asf/asf.c that will lead to a denial of service attack.
Max CVSS
5.5
EPSS Score
0.15%
Published
2019-08-29
Updated
2020-08-18
A divide-by-zero error exists in the SeekIndex function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1. As a result, an FPE can be triggered via a crafted WMV file.
Max CVSS
7.8
EPSS Score
0.19%
Published
2019-08-29
Updated
2020-08-18
A heap-based buffer over-read exists in DemuxInit() in demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 via a crafted .mkv file.
Max CVSS
7.8
EPSS Score
0.13%
Published
2019-08-29
Updated
2020-08-18
The Control function of demux/mkv/mkv.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free.
Max CVSS
7.8
EPSS Score
0.19%
Published
2019-08-29
Updated
2020-08-18
The mkv::virtual_segment_c::seek method of demux/mkv/virtual_segment.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free.
Max CVSS
7.8
EPSS Score
0.19%
Published
2019-08-29
Updated
2020-08-18
A vulnerability in mkv::event_thread_t in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer overflow via a crafted .mkv file.
Max CVSS
7.8
EPSS Score
0.22%
Published
2019-08-29
Updated
2020-08-24
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!