Jump to:

CVE-2014-3441

Jump to:

CVE-2014-3441

Package vlc updated to version 2.1.4-alt1 for branch sisyphus in task 119700.

Published: 2014-05-14
Modified: 2025-04-12

CVE-2014-3441

codec\libpng_plugin.dll in VideoLAN VLC Media Player 2.1.3 allows remote attackers to cause a denial of service (crash) via a crafted .png file, as demonstrated by a png in a .wave file.

Severity: MEDIUM (4.3) Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

References:

http://packetstormsecurity.com/files/126564/VLC-Player-2.1.3-Memory-Corruption.html
http://www.securityfocus.com/bid/67315
http://packetstormsecurity.com/files/126564/VLC-Player-2.1.3-Memory-Corruption.html
http://www.securityfocus.com/bid/67315

Version: 2.1.2

Package vlc update in sisyphus on 2014-05-15

ALT-PU-2014-1643-1

Closed vulnerabilities

CVE-2014-3441