SecuritySpace - CVE-2014-9627

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2014-9627

Description: The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large box size.

Test IDs: 1.3.6.1.4.1.25623.1.0.703150

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2014-9627
http://openwall.com/lists/oss-security/2015/01/20/5
https://github.com/videolan/vlc/commit/2e7c7091a61aa5d07e7997b393d821e91f593c39

CVE ID:	CVE-2014-9627
Description:	The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large box size.
Test IDs:	1.3.6.1.4.1.25623.1.0.703150
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2014-9627 http://openwall.com/lists/oss-security/2015/01/20/5 https://github.com/videolan/vlc/commit/2e7c7091a61aa5d07e7997b393d821e91f593c39