|
| Description: | | Potential heap based buffer overflow in ParseJSS in VideoLAN VLC before 2.2.5 due to skipping NULL terminator in an input string allows attackers to execute arbitrary code via a crafted subtitles file. |
|
| Impact: | | A buffer overflow vulnerability can be triggered by an attacker in the context of the vulnerable product. Further attacks include arbitrary code execution and denial of service. |
|
| Affected OS: | | Windows |
|
| Reference: | | SecurityFocusBID:98634
ExploitDB:44514
http://git.videolan.org/?p=vlc.git
a=commitdiff
|
|