KLA11032
Denial of service vulnerabilities in VideoLAN VLC media player
Обновлено: 26/06/2019
Дата обнаружения
29/05/2017
Уровень угрозы
High
Описание

Multiple serious vulnerabilities have been found in VideoLAN VLC media player. Malicious users can exploit these vulnerabilities to cause a denial of service or possibly have another unspecified impact.

Below is a complete list of vulnerabilities:

  1. An unspecified vulnerability in pluginsaudio_filterlibmpgatofixed32_plugin.dll can be exploited remotely via a specially designed file to cause a denial of service;
  2. An unspecified vulnerability inpluginscodeclibflac_plugin.dll can be exploited remotely via a specially designed FLAC file to cause a denial of service.

NB: These vulnerabilities do not have any public CVSS rating so rating can be changed by the time.

Пораженные продукты

VideoLAN VLC media player 2.2.4

Решение

Update to the latest version
Download VLC media player

Первичный источник обнаружения
Multiple Crashes in VLC 2.2.4
Оказываемое влияние
?
DoS 
[?]
Связанные продукты
VLC media player
CVE-IDS