Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown
CVE-2019-13962 avcodec lavc_CopyPicture Heap Buffer Overflow
Last updated February 13, 2020
VLC media player is a free and open-source portable cross-platform media player software developed by the VideoLAN project. VLC is available for desktop operating systems and mobile platforms, such as Android, iOS, iPadOS, Wizen, Windows 10 Mobile, and Windows Phone. It is also available on digital distribution platforms such as Apple's App Store, Google Play, and Microsoft Store. It supports many audio and video compression methods and file formats, and can be used to stream media over computer networks.
A vulnerability was found in the AV codec's `Iavc_CopyPicture` function. A malicious video file can be crafted with an invalid width and height, and cause a heap based buffer overflow.
Versions 3.0.7 and prior are vulnerable.
0
Attacker Value
Unknown
CVE-2019-13962
Disclosure Date: July 18, 2019 (last updated November 08, 2023)
lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC media player through 3.0.7 has a heap-based buffer over-read because it does not properly validate the width and height.
0