CVE-2015-5949

EPSS 7.4%

vlc - security update

Published: 8/25/2015Modified: 4/28/2026

Description

VideoLAN VLC media player 2.2.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP file, which triggers the freeing of arbitrary pointers.

Affected packages (2)

Debian/vlcfrom 0, < 2.2.1-3
Debian/vlcfrom 0, < 2.2.0~rc2-2+deb8u1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-5949