The host is installed with Google Chrome before 33.0.1750.117 and is prone to a directory traversal vulnerability. A flaw is present in the application, which fails to properly handle relative paths in Windows sandbox named pipe policy. Successful exploitation could allow attackers to bypass intended named-pipe policy restrictions.
The host is installed with vlc media player before 0.8.6e and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a malformed MP4 file. Successful exploitation could allow attackers to overwrite arbitrary memory and execute arbitrary code.
The host is installed with vlc media player 0.8.6h and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted TTA file. Successful exploitation could allow attackers to execute arbitrary code or crash the service.
The host is installed with vlc media player 0.8.6i and is prone to an integer overflow vulnerability. A flaw is present in the application, which fails to handle a large fmt chunk in a WAV file. Successful exploitation could allow attackers to execute arbitrary code.
The host is installed with vlc media player 0.9.2 and is prone to an array index error vulnerability. A flaw is present in the application, which fails to handle an XSPF playlist file with a negative identifier tag. Successful exploitation could allow attackers to overwrite arbitrary memory and execute arbitrary code.
The host is installed with vlc media player 0.8.6 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle an ogg file with a crafted Advanced SubStation Alpha Subtitle (.ass) file. Successful exploitation could allow attackers to execute arbitrary code.
The host is installed with vlc media player before 2.1.12 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a (1) space or (2) tab character. Successful exploitation could allow attackers to execute arbitrary code or crash the service.
The host is installed with vlc media player before 2.1.12 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle via a space character at the beginning of an RTSP message. Successful exploitation could allow attackers to execute arbitrary code or crash the service.
The host is installed with Apple QuickTime before 7.7.5 and is prone to arbitrary code execution vulnerability. A flaw is present in the application, which fails to initialize an unspecified pointer. Successful exploitation allows attackers to cause a denial of service or an application crash.
The host is installed with Apple QuickTime before 7.7.5 and is prone to buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted movie file with H.264 encoding. Successful exploitation allows attackers to cause a denial of service or an application crash.