KLA11761
Multiple vulnerabilities in VLC media player
Updated: 05/29/2020
Detect date
?
08/29/2019
Severity
?
Warning
Description

Multiple vulnerabilities were found in VLC media player. Malicious users can exploit these vulnerabilities to cause denial of service.

Below is a complete list of vulnerabilities:

  1. Integer Underflow vulnerability can be exploited to cause a denial of service;
  2. Heap-based buffer over-read vulnerability can be exploited to cause a denial of service;
  3. Divide-by-zero vulnerability can be exploited to cause a denial of service;
  4. Use-after-free vulnerability can be exploited to cause a denial of service;
  5. NULL pointer vulnerability can be exploited to cause a denial of service;
  6. Heap-based buffer overflow vulnerability can be exploited to cause a denial of service;
Affected products

VLC media player 3.0.7.1 and earlier

Solution

Update to the latest version
Download VLC media player

Original advisories

sb-vlc308

Impacts
?
DoS 
[?]
Related products
VLC media player
CVE-IDS
?
CVE-2019-136020.0Unknown
CVE-2019-144370.0Unknown
CVE-2019-144380.0Unknown
CVE-2019-144980.0Unknown
CVE-2019-145330.0Unknown
CVE-2019-145340.0Unknown
CVE-2019-145350.0Unknown
CVE-2019-147760.0Unknown
CVE-2019-147770.0Unknown
CVE-2019-147780.0Unknown
CVE-2019-149700.0Unknown