VLC Media Player MKV Parsing Integer Overflow Vulnerability

Last Update Date: 10 Jul 2013 12:43 Release Date: 10 Jul 2013 4674 Views

RISK: High Risk

High Risk

TYPE: Clients - Audio & Video

TYPE: Audio & Video

A vulnerability has been identified in VLC Media Player , which can be exploited by malicious people to potentially compromise a user's system.

 

The vulnerability is caused due to an integer overflow error within the libmkv_plugin.dll module when parsing MKV files, which can be exploited to cause a heap-based buffer overflow via an MKV file with a specially crafted header.

 

Successful exploitation may allow execution of arbitrary code.

 

NOTE: No official solution is currently available.

Impact

  • Remote Code Execution

System / Technologies affected

  • VLC Media Player 2.x

Vulnerability Identifier

Source

Related Link

Share with

Previous

FFmpeg Multiple Vulnerabilities

9 Jul 2013 4255 Views

Next

IBM WebSphere Application Server Community Edition Serialized Object Handling Vulnerability

10 Jul 2013 4371 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY