Videolan: >> Vlc Media Player >> 3.0.18 Security Vulnerabilities
A binary hijacking vulnerability exists within the VideoLAN VLC media player before 3.0.19 on Windows. The uninstaller attempts to execute code with elevated privileges out of a standard user writable location. Standard users may use this to gain arbitrary code execution as SYSTEM.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-11-22
Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-11-07
Videolan VLC prior to version 3.0.20 contains an Integer underflow that leads to an incorrect packet length.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-11-07