VYPR

VLC media player

by VideoLAN

Source repositories

CVEs (117)

  • CVE-2012-5855Jul 10, 2013
    risk 0.00cvss epss 0.01

    The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and earlier might allow user-assisted attackers to cause a denial of service (crash) via a crafted file name that triggers an incorrect string-length calculation when the file is added to VLC. NOTE: it is not…

  • CVE-2012-0023Oct 30, 2012
    risk 0.00cvss epss 0.05

    Double free vulnerability in the get_chunk_header function in modules/demux/ty.c in VideoLAN VLC media player 0.9.0 through 1.1.12 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TiVo (TY) file.

  • CVE-2012-3377Jul 12, 2012
    risk 0.00cvss epss 0.04

    Heap-based buffer overflow in the Ogg_DecodePacket function in the OGG demuxer (modules/demux/ogg.c) in VideoLAN VLC media player before 2.0.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted OGG file.

  • CVE-2012-1776Mar 19, 2012
    risk 0.00cvss epss 0.05

    Multiple heap-based buffer overflows in VideoLAN VLC media player before 2.0.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Real RTSP stream.

  • CVE-2011-2588Jul 27, 2011
    risk 0.00cvss epss 0.04

    Heap-based buffer overflow in the AVI_ChunkRead_strf function in libavi.c in the AVI demuxer in VideoLAN VLC media player before 1.1.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted AVI media file.

  • CVE-2011-2587Jul 27, 2011
    risk 0.00cvss epss 0.04

    Heap-based buffer overflow in the DemuxAudioSipr function in real.c in the RealMedia demuxer in VideoLAN VLC media player 1.1.x before 1.1.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Real Media file.

  • CVE-2011-1931Jul 7, 2011
    risk 0.00cvss epss 0.02

    sp5xdec.c in the Sunplus SP5X JPEG decoder in libavcodec in FFmpeg before 0.6.3 and libav through 0.6.2, as used in VideoLAN VLC media player 1.1.9 and earlier and other products, performs a write operation outside the bounds of an unspecified array, which allows remote…

  • CVE-2011-2161May 20, 2011
    risk 0.00cvss epss 0.01

    The ape_read_header function in ape.c in libavformat in FFmpeg before 0.5.4, as used in MPlayer, VideoLAN VLC media player, and other products, allows remote attackers to cause a denial of service (application crash) via an APE (aka Monkey's Audio) file that contains a header…

  • CVE-2011-1684May 3, 2011
    risk 0.00cvss epss 0.05

    Heap-based buffer overflow in the MP4_ReadBox_skcr function in libmp4.c in the MP4 demultiplexer in VideoLAN VLC media player 1.x before 1.1.9 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted MP4 file.

  • CVE-2011-0021Jan 25, 2011
    risk 0.00cvss epss 0.06

    Multiple heap-based buffer overflows in cdg.c in the CDG decoder in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted CDG video.

  • CVE-2010-3907Jan 3, 2011
    risk 0.00cvss epss 0.06

    Multiple integer overflows in real.c in the Real demuxer plugin in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a zero i_subpackets value in a Real Media file, leading to a…

  • CVE-2010-2937Aug 20, 2010
    risk 0.00cvss epss 0.03

    The ReadMetaFromId3v2 function in taglib.cpp in the TagLib plugin in VideoLAN VLC media player 0.9.0 through 1.1.2 does not properly process ID3v2 tags, which allows remote attackers to cause a denial of service (application crash) via a crafted media file.

  • CVE-2008-2430Jul 7, 2008
    risk 0.00cvss epss 0.06

    Integer overflow in the Open function in modules/demux/wav.c in VLC Media Player 0.8.6h on Windows allows remote attackers to execute arbitrary code via a large fmt chunk in a WAV file.

  • CVE-2008-0295Jan 16, 2008
    risk 0.00cvss epss 0.11

    Heap-based buffer overflow in modules/access/rtsp/real_sdpplin.c in the Xine library, as used in VideoLAN VLC Media Player 0.8.6d and earlier, allows user-assisted remote attackers to cause a denial of service (crash) or execute arbitrary code via long Session Description…

  • CVE-2008-0296Jan 16, 2008
    risk 0.00cvss epss 0.15

    Heap-based buffer overflow in the libaccess_realrtsp plugin in VideoLAN VLC Media Player 0.8.6d and earlier on Windows might allow remote RTSP servers to cause a denial of service (application crash) or execute arbitrary code via a long string.

  • CVE-2007-3467Jun 27, 2007
    risk 0.00cvss epss 0.03

    Integer overflow in the __status_Update function in stats.c VideoLAN VLC Media Player before 0.8.6c allows remote attackers to cause a denial of service (crash) via a WAV file with a large sample rate.

  • CVE-2007-3468Jun 27, 2007
    risk 0.00cvss epss 0.03

    input.c in VideoLAN VLC Media Player before 0.8.6c allows remote attackers to cause a denial of service (crash) via a crafted WAV file that causes an uninitialized i_nb_resamplers variable to be used.

Page 6 of 6