CVE-2014-6440

VideoLAN VLC media player before 2.1.5 allows remote attackers to execute arbitrary code or cause a denial of service.
References
Link Resource
http://billblough.net/blog/2015/03/04/cve-2014-6440-heap-overflow-in-vlc-transcode-module/ Exploit Patch Technical Description Third Party Advisory
http://seclists.org/oss-sec/2015/q1/751 Patch Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/72950 Third Party Advisory VDB Entry
http://www.videolan.org/developers/vlc-branch/NEWS Release Notes Vendor Advisory
https://security.gentoo.org/glsa/201603-08 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:videolan:vlc:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-03-28 15:59

Updated : 2024-02-04 19:11


NVD link : CVE-2014-6440

Mitre link : CVE-2014-6440

CVE.ORG link : CVE-2014-6440


JSON object : View

Products Affected

videolan

  • vlc
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer