NULL pointer dereference and application crash vulnerability in VideoLAN VLC media player via an empty location element in an (XSPF) document (Mac OS X)ID: oval:org.secpod.oval:def:22338 | Date: (C)2015-01-02 (M)2023-11-13 |
Class: VULNERABILITY | Family: macos |
The host is installed with VideoLAN VLC media player 0.5.0 before 1.0.6 and is prone to a null pointer dereference and application crash vulnerability. A flaw is present in the application, which fails to handle an empty location element in an XML Shareable Playlist Format (XSPF) document. Successful exploitation could allow attackers to crash the service or execute arbitrary code.
Platform: |
Apple Mac OS 14 |
Apple Mac OS 13 |
Apple Mac OS 12 |
Apple Mac OS 11 |
Apple Mac OS X 10.15 |
Apple Mac OS X 10.14 |
Apple Mac OS X 10.12 |
Apple Mac OS X 10.13 |
Apple Mac OS X 10.8 |
Apple Mac OS X 10.9 |
Apple Mac OS X 10.10 |
Apple Mac OS X 10.11 |
Apple Mac OS X Server 10.8 |
Apple Mac OS X Server 10.9 |
Apple Mac OS X Server 10.10 |
Apple Mac OS X Server 10.11 |