A heap-based buffer overflow in the hxxx_AnnexB_to_xVC function in modules/packetizer/hxxx_nal.c in VideoLAN VLC media player prior to 3.0.11 for macOS/iOS allows remote malicious users to cause a denial of service (application crash) or execute arbitrary code via a crafted H.264 Annex-B video (.avi for example) file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
videolan vlc media player |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |