DSA-3342-1 vlc -- vlc
|ID: oval:org.secpod.oval:def:602210||Date: (C)2015-08-28 (M)2018-07-24|
|Class: PATCH||Family: unix|
Loren Maggiore of Trail of Bits discovered that the 3GP parser of VLC, a multimedia player and streamer, could dereference an arbitrary pointer due to insufficient restrictions on a writable buffer. This could allow remote attackers to execute arbitrary code via crafted 3GP files.