The rtp_packetize_xiph_config function in modules/stream_out/rtpfmt.c in VideoLAN VLC media player prior to 2.1.6 uses a stack-allocation approach with a size determined by arbitrary input data, which allows remote malicious users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted length value.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
videolan vlc media player |