PT-2012-2938 · Videolan · Vlc Media Player

Fabi@Habsec

Published

2012-01-20

Updated

2017-09-19

CVE-2012-0904

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions VLC media player version 1.1.11

Description The issue allows remote attackers to cause a denial of service, resulting in a crash, by utilizing a long string in an amr file.

Recommendations For VLC media player version 1.1.11, consider avoiding the use of amr files with long strings until a patch is available. As a temporary workaround, restrict access to files that could potentially trigger this issue to minimize the risk of exploitation.

Exploit

Fix

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

CVE-2012-0904

Affected Products

Vlc Media Player

PT-2012-2938 · Videolan · Vlc Media Player

CVE-2012-0904

Weakness Enumeration

Related Identifiers

Affected Products

References · 8