Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-9598

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2014-9598
Last Modified 22 Jan 2015 10:44:44
Published 21 Jan 2015 10:17:10
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-9598

Summary

The picture_Release function in misc/picture.c in VideoLAN VLC media player 2.1.5 allows remote attackers to execute arbitrary code or cause a denial of service (write access violation) via a crafted M2V file.

Vulnerable Systems

Application

  • Videolan Vlc Media Player 2.1.5


References

MISC - https://trac.videolan.org/vlc/ticket/13390

MISC - https://trac.videolan.org/vlc/attachment/ticket/13390/windbglog.txt

MISC - http://www.binarysniper.net/2015/01/vlc-media-player-215-memory-corruption.html

FULLDISC - 20150116 VLC Media Player 2.1.5 Memory Corruption Vulnerabilities (CVE-2014-9597, CVE-2014-9597)


Last Updated: 27 May 2016 11:07:36