CVE-2011-1684
EPSS 4.9%vlc - heap-based buffer overflow
發布日:2011/5/3修改日:2026/4/28
也稱為:DEBIAN-CVE-2011-1684
描述
Heap-based buffer overflow in the MP4_ReadBox_skcr function in libmp4.c in the MP4 demultiplexer in VideoLAN VLC media player 1.x before 1.1.9 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted MP4 file.
受影響套件(2)
- Debian/vlcfrom 0, < 1.1.8-3
- Debian/vlcfrom 0, < 1.1.3-1squeeze5