Back to search
CVE-2012-5855
Published: Jul 10, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and earlier might allow user-assisted attackers to cause a denial of service (crash) via a crafted file name that triggers an incorrect string-length calculation when the file is added to VLC. NOTE: it is not clear whether this issue crosses privilege boundaries or whether it can be exploited without user interaction.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20121105 VideoLAN VLC Media Player <= 2.0.4 Crash Bug
mailing-list
x_refsource_BUGTRAQ
oval:org.mitre.oval:def:16781
vdb-entry
signature
x_refsource_OVAL
[oss-security] 20121112 VLC 2.0.4 SHAddToRecentDocs CVE-2012-5855
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now