Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Vlc_media_player
(Videolan)| Repositories | https://git.videolan.org/git/vlc.git |
| #Vulnerabilities | 113 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2013-07-10 | CVE-2012-5855 | The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and earlier might allow user-assisted attackers to cause a denial of service (crash) via a crafted file name that triggers an incorrect string-length calculation when the file is added to VLC. NOTE: it is not clear whether this issue crosses privilege boundaries or whether it can be exploited without user interaction. | Vlc_media_player | N/A | ||
| 2012-10-26 | CVE-2012-5470 | libpng_plugin in VideoLAN VLC media player 2.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted PNG file. | Vlc_media_player | N/A | ||
| 2012-04-19 | CVE-2012-2396 | VideoLAN VLC media player 2.0.1 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted MP4 file. | Vlc_media_player | N/A | ||
| 2012-03-19 | CVE-2012-1776 | Multiple heap-based buffer overflows in VideoLAN VLC media player before 2.0.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Real RTSP stream. | Vlc_media_player | N/A | ||
| 2012-01-20 | CVE-2012-0904 | VLC media player 1.1.11 allows remote attackers to cause a denial of service (crash) via a long string in an amr file. | Vlc_media_player | N/A | ||
| 2011-06-24 | CVE-2011-2194 | Integer overflow in the XSPF playlist parser in VideoLAN VLC media player 0.8.5 through 1.1.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow. | Vlc_media_player | N/A | ||
| 2011-05-03 | CVE-2011-1087 | Buffer overflow in VideoLAN VLC media player 1.0.5 allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .mp3 file that is played during bookmark creation. | Vlc_media_player | N/A | ||
| 2011-03-28 | CVE-2010-3276 | libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an NSV file. | Vlc_media_player | N/A | ||
| 2011-03-28 | CVE-2010-3275 | libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an AMV file, related to a "dangling pointer vulnerability." | Vlc_media_player | N/A | ||
| 2014-12-26 | CVE-2010-1445 | Heap-based buffer overflow in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted byte stream in an RTMP session. | Vlc_media_player | N/A |