QwikSec

Security Database

CVE

CWE

Training

CVE-2019-13602

Published: Jul 14, 2019

Modified: Aug 4, 2024

PUBLISHED

Description

An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and crash) or possibly have unspecified other impact via a crafted .mp4 file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://git.videolan.org/?p=vlc.git%3Ba=commit%3Bh=8e8e0d72447f8378244f5b4a3dcde036dbeb1491

x_refsource_MISC

https://git.videolan.org/?p=vlc.git%3Ba=commit%3Bh=b2b157076d9e94df34502dd8df0787deb940e938

x_refsource_MISC

vdb-entry

x_refsource_BID

vendor-advisory

x_refsource_UBUNTU

openSUSE-SU-2019:1840

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2019:1909

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2019:1897

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_DEBIAN

20190821 [SECURITY] [DSA 4504-1] vlc security update

mailing-list

x_refsource_BUGTRAQ

openSUSE-SU-2019:2015

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_GENTOO

openSUSE-SU-2020:0545

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2020:0562

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.