CVE-2018-11516: Use After Free
First published: Mon May 28 2018(Updated: )
The vlc_demux_chained_Delete function in input/demux_chained.c in VideoLAN VLC media player 3.0.1 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a crafted .swf file.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Videolan Vlc Media Player | =3.0.0 | |
| Videolan Vlc Media Player | =3.0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-11516?
CVE-2018-11516 is a vulnerability in VideoLAN VLC media player 3.0.1 that allows remote attackers to cause a denial of service or possibly have other impact via a crafted .swf file.
How severe is CVE-2018-11516?
CVE-2018-11516 is rated as high severity with a CVSS v3.0 base score of 8.8.
How does CVE-2018-11516 affect Videolan Vlc Media Player?
Videolan Vlc Media Player versions 3.0.0 and 3.0.1 are affected by CVE-2018-11516.
How can CVE-2018-11516 be exploited?
CVE-2018-11516 can be exploited by remote attackers through a crafted .swf file.
Are there any references related to CVE-2018-11516?
Yes, here are some references related to CVE-2018-11516: [Link1], [Link2], [Link3].
- collector/nvd-index
- vendor/videolan
- canonical/videolan vlc media player
- version/videolan vlc media player/3.0.0
- version/videolan vlc media player/3.0.1