First published: Tue May 23 2017(Updated: )
Potential heap based buffer overflow in ParseJSS in VideoLAN VLC before 2.2.5 due to skipping NULL terminator in an input string allows attackers to execute arbitrary code via a crafted subtitles file.
Credit: cve@checkpoint.com
Affected Software | Affected Version | How to fix |
---|---|---|
Videolan Vlc Media Player | <=2.2.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.