First published: Mon May 28 2018(Updated: )
The vlc_demux_chained_Delete function in input/demux_chained.c in VideoLAN VLC media player 3.0.1 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a crafted .swf file.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Videolan Vlc Media Player | =3.0.0 | |
Videolan Vlc Media Player | =3.0.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-11516 is a vulnerability in VideoLAN VLC media player 3.0.1 that allows remote attackers to cause a denial of service or possibly have other impact via a crafted .swf file.
CVE-2018-11516 is rated as high severity with a CVSS v3.0 base score of 8.8.
Videolan Vlc Media Player versions 3.0.0 and 3.0.1 are affected by CVE-2018-11516.
CVE-2018-11516 can be exploited by remote attackers through a crafted .swf file.
Yes, here are some references related to CVE-2018-11516: [Link1], [Link2], [Link3].