Denial of service in VideoLAN VLC Media Player

Published: 2018-12-07 22:58:45
Severity Low
Patch available YES
Number of vulnerabilities 1
CVE ID CVE-2018-19857
CVSSv3 5.9 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CWE ID CWE-20
Exploitation vector Network
Public exploit Public exploit code for vulnerability #1 is available.
Vulnerable software VLC Media Player
Vulnerable software versions VLC Media Player 3.0.4
Vendor URL VideoLAN Organization

Security Advisory

1) Improper input validation

Description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to improper handling of magic cookies in Core Audio Format (CAF) files, which could result in an uninitialized memory read in the CAF demuxer. A remote attacker can trick the victim into accessing a CAF file that submits malicious input, trigger typecast that converts a possibly negative return value to an unsigned integer in the ReadKukiChunk() function and cause the service to crash.

Remediation

Install update from vendor's website.

External links

https://git.videolan.org/?p=vlc.git&a=commit&h=0cc5ea748ee5ff7705dde61ab15dff8f58be39d0

Back to List