Videolan: >> Vlc Media Player >> 2.2.2 Security Vulnerabilities
Heap out-of-bound read in ParseJSS in VideoLAN VLC before 2.2.5 due to missing check of string termination allows attackers to read data beyond allocated memory and potentially crash the process via a crafted subtitles file.
CVSS Score
5.5
EPSS Score
0.003
Published
2017-05-23
Buffer overflow in the DecodeAdpcmImaQT function in modules/codec/adpcm.c in VideoLAN VLC media player before 2.2.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted QuickTime IMA file.
CVSS Score
9.8
EPSS Score
0.27
Published
2016-06-08
Page 3