Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to trigger an unintended zero-size malloc and conduct buffer overflow attacks, and consequently execute arbitrary code, via a box size of 7.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
VideoLAN VLC media player 缓冲区错误漏洞
Vulnerability Description
VideoLAN VLC media player是法国VideoLAN组织的一款免费、开源的跨平台多媒体播放器(也是一个多媒体框架)。该产品支持播放多种介质(文件、光盘等)、多种音视频格式(WMV,MP3等)等。 VideoLAN VLC media player 2.1.6之前版本中的modules/demux/mp4/libmp4.c文件的‘MP4_ReadBox_String’函数存在缓冲区错误漏洞。远程攻击者可借助特制的MP4文件利用该漏洞行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A