CRITICAL9.8
VideoLAN VLC media player before 2.1.5 allows remote attackers to execute arbitrary code or cause a denial of service.
CVSS 2.0HIGH 7.5
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:PCVSS 3.xCRITICAL 9.8
CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HReferences
- http://billblough.net/blog/2015/03/04/cve-2014-6440-heap-overflow-in-vlc-transcode-module/
- http://seclists.org/oss-sec/2015/q1/751
- http://www.securityfocus.com/bid/72950
- http://www.videolan.org/developers/vlc-branch/NEWS
- https://security.gentoo.org/glsa/201603-08
- http://billblough.net/blog/2015/03/04/cve-2014-6440-heap-overflow-in-vlc-transcode-module/
- http://seclists.org/oss-sec/2015/q1/751
- http://www.securityfocus.com/bid/72950
- http://www.videolan.org/developers/vlc-branch/NEWS
- https://security.gentoo.org/glsa/201603-08