Videolan: >> Vlc Media Player >> 2.1.6 Security Vulnerabilities
Buffer overflow in the AStreamPeekStream function in input/stream.c in VideoLAN VLC media player before 2.2.0 allows remote attackers to cause a denial of service (crash) via a crafted wav file, related to "seek across EOF."
CVSS Score
5.5
EPSS Score
0.003
Published
2016-04-18
VideoLAN VLC media player 2.2.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP file, which triggers the freeing of arbitrary pointers.
CVSS Score
6.8
EPSS Score
0.07
Published
2015-08-25
Cross-site scripting (XSS) vulnerability in the httpd_HtmlError function in network/httpd.c in the web interface in VideoLAN VLC Media Player before 2.2.0 allows remote attackers to inject arbitrary web script or HTML via the path info.
CVSS Score
4.3
EPSS Score
0.003
Published
2015-08-17
Page 3