CVE-2014-3441
published 2014-05-14CVE-2014-3441: codec\libpng_plugin.dll in VideoLAN VLC Media Player 2.1.3 allows remote attackers to cause a denial of service (crash) via a crafted .png file, as…
PriorityP420medium4.3CVSS 2.0
AVNACMAuNCNINAP
EXPLOIT
EPSS
3.99%
89.2th percentile
codec\libpng_plugin.dll in VideoLAN VLC Media Player 2.1.3 allows remote attackers to cause a denial of service (crash) via a crafted .png file, as demonstrated by a png in a .wave file.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | vlc | — | — |
| videolan | vlc_media_player | — | — |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
vendor_debian4.3LOW
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-5w4x-p949-wjm4: codec\libpng_plugin
ghsa_unreviewed·2022-05-17
CVE-2014-3441 [MEDIUM] CWE-119 GHSA-5w4x-p949-wjm4: codec\libpng_plugin
codec\libpng_plugin.dll in VideoLAN VLC Media Player 2.1.3 allows remote attackers to cause a denial of service (crash) via a crafted .png file, as demonstrated by a png in a .wave file.
Debian
CVE-2014-3441: vlc - codec\libpng_plugin.dll in VideoLAN VLC Media Player 2.1.3 allows remote attacke...
vendor_debian·2014·CVSS 4.3
CVE-2014-3441 [MEDIUM] CVE-2014-3441: vlc - codec\libpng_plugin.dll in VideoLAN VLC Media Player 2.1.3 allows remote attacke...
codec\libpng_plugin.dll in VideoLAN VLC Media Player 2.1.3 allows remote attackers to cause a denial of service (crash) via a crafted .png file, as demonstrated by a png in a .wave file.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
No detection rules found.
No writeups or analysis indexed.
2014-05-14
Published