cbcvebase.
CVE-2018-19857
published 2018-12-05

CVE-2018-19857: The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3.0.4 may read memory from an uninitialized pointer when processing magic cookies in CAF…

PriorityP341critical9.1CVSS 3.0
AVNACLPRNUINSUCHINAH
EPSS
3.92%
89.0th percentile
The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3.0.4 may read memory from an uninitialized pointer when processing magic cookies in CAF files, because a ReadKukiChunk() cast converts a return value to an unsigned int even if that value is negative. This could result in a denial of service and/or a potential infoleak.

Affected

8 ranges
VendorProductVersion rangeFixed in
debiandebian_linux
debianvlc< vlc 3.0.4-4 (bookworm)vlc 3.0.4-4 (bookworm)
videolanvlc_media_player
videolanvlc_media_player>= 0 < 3.0.4-43.0.4-4
videolanvlc_media_player>= 0 < 3.0.4-43.0.4-4
videolanvlc_media_player>= 0 < 3.0.4-43.0.4-4
videolanvlc_media_player>= 0 < 3.0.4-43.0.4-4
videolanvlc_media_player>= 0 < 3.0.7.1-0ubuntu18.04.13.0.7.1-0ubuntu18.04.1

CVSS provenance

nvdv3.09.1CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
nvdv2.06.4MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:P
osv9.1CRITICAL
vendor_debian9.1CRITICAL
vendor_ubuntu9.1CRITICAL
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.