|Title:||VLC Media Player CAF Demuxer Integer Underflow Vulnerability (Mac OS X)|
|Summary:||The host is installed with VLC media player; and is prone to integer underflow vulnerability.|
The host is installed with VLC media player
and is prone to integer underflow vulnerability.
The flaw exist due to an improper handling
of magic cookies in Core Audio Format (CAF) files, which could result in an
uninitialized memory read in the CAF demuxer.
Successful exploitation will allow attackers
to execute arbitrary code in the context of the affected application and failed
exploit attempts will likely result in denial of service conditions.
VideoLAN VLC media player version 3.0.4 on Mac OS X
Apply patch from Reference.
For updates refer to Reference links.
Common Vulnerability Exposure (CVE) ID: CVE-2018-19857|
|Copyright||Copyright (C) 2018 Greenbone Networks GmbH|
|This is only one of 71225 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.