KLA11032
Denial of service vulnerabilities in VideoLAN VLC media player
Updated: 06/26/2019
Detect date
?
05/29/2017
Severity
?
High
Description

Multiple serious vulnerabilities have been found in VideoLAN VLC media player. Malicious users can exploit these vulnerabilities to cause a denial of service or possibly have another unspecified impact.

Below is a complete list of vulnerabilities:

  1. An unspecified vulnerability in pluginsaudio_filterlibmpgatofixed32_plugin.dll can be exploited remotely via a specially designed file to cause a denial of service;
  2. An unspecified vulnerability inpluginscodeclibflac_plugin.dll can be exploited remotely via a specially designed FLAC file to cause a denial of service.

NB: These vulnerabilities do not have any public CVSS rating so rating can be changed by the time.

Affected products

VideoLAN VLC media player 2.2.4

Solution

Update to the latest version
Download VLC media player

Original advisories

Multiple Crashes in VLC 2.2.4

Impacts
?
DoS 
[?]
CVE-IDS
?