VideoLAN VLC media player 2.2.x before 3.0.3-1 is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions.
VideoLAN VLC media player 2.2.x before 3.0.3-1 is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions.
https://github.com/videolan/vlc-3.0/commit/c472668ff873cfe29281822b4548715fb7bb0368 https://github.com/videolan/vlc-3.0/commit/d2dadb37e7acc25ae08df71e563855d6e17b5b42 http://seclists.org/fulldisclosure/2018/Jul/28