Vulnerability Description
plugins\codec\libflac_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a crafted FLAC file.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Videolan | Vlc Media Player | <= 2.2.4 |
Related Weaknesses (CWE)
References
- http://code610.blogspot.com/2017/04/multiple-crashes-in-vlc-224.htmlExploitThird Party Advisory
- http://www.securityfocus.com/bid/98747Third Party AdvisoryVDB Entry
- https://www.debian.org/security/2017/dsa-4045
- http://code610.blogspot.com/2017/04/multiple-crashes-in-vlc-224.htmlExploitThird Party Advisory
- http://www.securityfocus.com/bid/98747Third Party AdvisoryVDB Entry
- https://www.debian.org/security/2017/dsa-4045
FAQ
What is CVE-2017-9300?
CVE-2017-9300 is a vulnerability with a CVSS score of 7.8 (HIGH). plugins\codec\libflac_plugin.dll in VideoLAN VLC media player 2.2.4 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impa...
How severe is CVE-2017-9300?
CVE-2017-9300 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-9300?
Check the references section above for vendor advisories and patch information. Affected products include: Videolan Vlc Media Player.