FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
3149ab1c-c8b9-11de-b87b-0011098ad87fvlc -- stack overflow in MPA, AVI and ASF demuxer

VideoLAN reports:

When parsing a MP4, ASF or AVI file with an overly deep box structure, a stack overflow might occur. It would overwrite the return address and thus redirect the execution flow.

If successful, a malicious third party could trigger execution of arbitrary code within the context of the VLC media player.


Discovery 2009-09-14
Entry 2009-11-03
vlc
ge 0.5.0 lt 1.0.2

http://www.videolan.org/security/sa0901.html
4a10902f-8a48-11ea-8668-e0d55e2a8bf9vlc -- Multiple vulnerabilities fixed in VLC media player

VideoLAN reports:

Details

A remote user could:

  • Create a specifically crafted image file that could trigger an out of bounds read
  • Send a specifically crafter request to the microdns service discovery, potentially triggering various memory management issues

Impact

If successful, a malicious third party could trigger either a crash of VLC or an arbitratry code execution with the privileges of the target user.

While these issues in themselves are most likely to just crash the player, we can't exclude that they could be combined to leak user informations or remotely execute code. ASLR and DEP help reduce the likelyness of code execution, but may be bypassed.

We have not seen exploits performing code execution through these vulnerabilities

CVE-2019-19721 affects VLC 3.0.8 and earlier, and only reads 1 byte out of bound


Discovery 2020-04-01
Entry 2020-04-29
vlc
< 3.0.10,4

https://www.videolan.org/security/sb-vlc309.html
4b09378e-addb-11dd-a578-0030843d3802vlc -- cue processing stack overflow

The VLC Team reports:

The VLC media player contains a stack overflow vulnerability while parsing malformed cue files. The vulnerability may be exploited by a (remote) attacker to execute arbitrary code in the context of VLC media player.


Discovery 2008-11-05
Entry 2008-11-08
Modified 2010-05-02
vlc
< 0.8.6.i_2,2

vlc-devel
< 0.9.6,3

CVE-2008-5032
CVE-2008-5036
http://www.videolan.org/security/sa0810.html
http://www.trapkit.de/advisories/TKADV2008-012.txt
5b218581-9372-11e9-8fc4-5404a68ad561vlc -- Double free in Matroska demuxer

The VLC project reports:

mkv: Fix potential double free


Discovery 2019-05-20
Entry 2019-06-20
vlc
< 3.0.7.1,4

CVE-2019-12874
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12874
http://git.videolan.org/?p=vlc.git;a=commit;h=81023659c7de5ac2637b4a879195efef50846102
62f36dfd-ff56-11e1-8821-001b2134ef46vlc -- arbitrary code execution in Real RTSP and MMS support

Jean-Baptiste Kempf, on behalf of the VideoLAN project reports:

If successful, a malicious third party could crash the VLC media player process. Arbitrary code execution could be possible on some systems.


Discovery 2012-03-12
Entry 2012-09-15
vlc
< 2.0.1,3

http://www.videolan.org/security/sa1201.html
http://www.videolan.org/security/sa1202.html
CVE-2012-1775
CVE-2012-1776
6a4bfe75-692a-11e0-bce7-001eecdd401aVLC -- Heap corruption in MP4 demultiplexer

VideoLAN project reports:

When parsing some MP4 (MPEG-4 Part 14) files, insufficient buffer size might lead to corruption of the heap.


Discovery 2011-04-07
Entry 2011-04-17
vlc
ge 1.0.0 lt 1.1.9

http://www.videolan.org/security/sa1103.html
6d402857-2fba-11e6-9f31-5404a68ad561VLC -- Possibly remote code execution via crafted file

The VLC project reports:

Fix out-of-bound write in adpcm QT IMA codec (CVE-2016-5108)


Discovery 2016-05-25
Entry 2016-06-11
vlc
< 2.2.4,4

vlc-qt4
< 2.2.4,4

CVE-2016-5108
7128fb45-2633-11dc-94da-0016179b2dd5vlc -- format string vulnerability and integer overflow

isecpartners reports:

VLC is vulnerable to a format string attack in the parsing of Vorbis comments in Ogg Vorbis and Ogg Theora files, CDDA data or SAP/SDP service discovery messages. Additionally, there are two errors in the handling of wav files, one a denial of service due to an uninitialized variable, and one integer overflow in sampling frequency calculations.


Discovery 2007-06-05
Entry 2007-06-18
Modified 2010-05-12
vlc
< 0.8.6c

CVE-2007-3316
CVE-2007-3468
CVE-2007-3467
http://www.isecpartners.com/advisories/2007-001-vlc.txt
752ce039-5242-11df-9139-00242b513d7cvlc -- unintended code execution with specially crafted data

VideoLAN project reports:

VLC media player suffers from various vulnerabilities when attempting to parse malformatted or overly long byte streams.


Discovery 2010-04-19
Entry 2010-05-01
Modified 2010-05-05
vlc
< 1.0.6

39629
http://www.videolan.org/security/sa1003.html
77896891-b08a-11ea-937b-b42e99a1b9c3vlc heap-based buffer overflow

Thomas Guillem reports:

A heap-based buffer overflow in the hxxx_AnnexB_to_xVC function in modules/packetizer/hxxx_nal.c in VideoLAN VLC media player before 3.0.11 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted H.264 Annex-B video (.avi for example) file.


Discovery 2020-05-27
Entry 2020-06-17
vlc
< 3.0.11,4

https://nvd.nist.gov/vuln/detail/CVE-2020-13428
CVE-2020-13428
795442e7-c355-11e9-8224-5404a68ad561vlc -- multiple vulnerabilities

The VLC project reports:

Security: * Fix a buffer overflow in the MKV demuxer (CVE-2019-14970) * Fix a read buffer overflow in the avcodec decoder (CVE-2019-13962) * Fix a read buffer overflow in the FAAD decoder * Fix a read buffer overflow in the OGG demuxer (CVE-2019-14437, CVE-2019-14438) * Fix a read buffer overflow in the ASF demuxer (CVE-2019-14776) * Fix a use after free in the MKV demuxer (CVE-2019-14777, CVE-2019-14778) * Fix a use after free in the ASF demuxer (CVE-2019-14533) * Fix a couple of integer underflows in the MP4 demuxer (CVE-2019-13602) * Fix a null dereference in the dvdnav demuxer * Fix a null dereference in the ASF demuxer (CVE-2019-14534) * Fix a null dereference in the AVI demuxer * Fix a division by zero in the CAF demuxer (CVE-2019-14498) * Fix a division by zero in the ASF demuxer (CVE-2019-14535)


Discovery 2019-07-14
Entry 2019-08-20
vlc
< 3.0.8,4

https://www.videolan.org/developers/vlc-branch/NEWS
CVE-2019-13602
CVE-2019-13962
CVE-2019-14437
CVE-2019-14438
CVE-2019-14498
CVE-2019-14533
CVE-2019-14534
CVE-2019-14535
CVE-2019-14776
CVE-2019-14777
CVE-2019-14778
CVE-2019-14970
a0a4e24c-4760-11e5-9391-3c970e169bc2vlc -- arbitrary pointer dereference vulnerability

oCERT reports:

The stable VLC version suffers from an arbitrary pointer dereference vulnerability.

The vulnerability affects the 3GP file format parser, insufficient restrictions on a writable buffer can be exploited to execute arbitrary code via the heap memory. A specific 3GP file can be crafted to trigger the vulnerability.

Credit: vulnerability reported by Loren Maggiore of Trail of Bits.


Discovery 2015-08-20
Entry 2015-08-20
vlc
< 2.2.1_5,4

CVE-2015-5949
https://git.videolan.org/?p=vlc/vlc-2.2.git;a=commitdiff;h=ce91452460a75d7424b165c4dc8db98114c3cbd9;hp=9e12195d3e4316278af1fa4bcb6a705ff27456fd
https://www.ocert.org/advisories/ocert-2015-009.html
dc57ad48-ecbb-439b-a4d0-5869be47684evlc -- Use after free vulnerability

Mitre reports:

VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions.


Discovery 2018-06-06
Entry 2018-07-21
vlc
le 2.2.8_6,4

vlc-qt4
le 2.2.8_6,4

CVE-2018-11529
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11529
http://seclists.org/fulldisclosure/2018/Jul/28
https://github.com/rapid7/metasploit-framework/pull/10335
https://github.com/videolan/vlc-3.0/commit/c472668ff873cfe29281822b4548715fb7bb0368
https://github.com/videolan/vlc-3.0/commit/d2dadb37e7acc25ae08df71e563855d6e17b5b42
e7d91a3c-a7c9-11df-870c-00242b513d7cvlc -- invalid id3v2 tags may lead to invalid memory dereferencing

VideoLAN project reports:

VLC fails to perform sufficient input validation when trying to extract some meta-informations about input media through ID3v2 tags. In the failure case, VLC attempt dereference an invalid memory address, and a crash will ensure.


Discovery 2010-07-29
Entry 2010-08-14
vlc
gt 0.9.0,3 lt 1.1.2_1,3

CVE-2010-2937
http://www.videolan.org/security/sa1004.html
ec6aeb8e-41e4-11e7-aa00-5404a68ad561vlc -- remote code execution via crafted subtitles

Check Point research team reports:

Remote code execution via crafted subtitles


Discovery 2017-05-23
Entry 2017-05-26
vlc
< 2.2.6,4

vlc-qt4
< 2.2.6,4

http://blog.checkpoint.com/2017/05/23/hacked-in-translation/
f2144530-936f-11e9-8fc4-5404a68ad561vlc -- Buffer overflow vulnerability

zhangyang reports:

The ReadFrame function in the avi.c file uses a variable i_width_bytes, which is obtained directly from the file. It is a signed integer. It does not do a strict check before the memory operation(memmove, memcpy), which may cause a buffer overflow.


Discovery 2019-01-23
Entry 2019-06-20
vlc
< 3.0.7,4

CVE-2019-5439
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5439
https://hackerone.com/reports/484398
f9258873-2ee2-11e0-afcd-0015f2db7bdevlc -- Insufficient input validation in MKV demuxer

VLC team reports:

When parsing an invalid MKV (Matroska or WebM) file, input validation are insufficient.


Discovery 2011-01-26
Entry 2011-02-02
vlc
< 1.1.7

http://www.videolan.org/security/sa1102.html