CVE-2013-4388Improper Restriction of Operations within the Bounds of a Memory Buffer in VLC Media Player

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer5 documents5 sources
Severity
6.8MEDIUMNVD
EPSS
3.9%
top 11.70%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Videolan VLC Media Player
Timeline
PublishedOct 11
Latest updateMay 17

Description

Buffer overflow in the mp4a packetizer (modules/packetizer/mpeg4audio.c) in VideoLAN VLC Media Player before 2.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages2 packages

Debianvideolan/vlc_media_player< 2.1.0-1+3

🔴Vulnerability Details

3
GHSA
GHSA-h8jp-pg37-w2ww: Buffer overflow in the mp4a packetizer (modules/packetizer/mpeg4audio2022-05-17
CVEList
CVE-2013-4388: Buffer overflow in the mp4a packetizer (modules/packetizer/mpeg4audio2013-10-11
OSV
CVE-2013-4388: Buffer overflow in the mp4a packetizer (modules/packetizer/mpeg4audio2013-10-11

📋Vendor Advisories

1
Debian
CVE-2013-4388: vlc - Buffer overflow in the mp4a packetizer (modules/packetizer/mpeg4audio.c) in Vide...2013
CVE-2013-4388 — Videolan VLC Media Player vulnerability | cvebase