CVE ID | Published | Description | Score | Severity |
---|---|---|---|---|
A binary hijacking vulnerability exists within the VideoLAN VLC media player before 3.0.19 on Windows. The uninstaller attempts to execute code with elevated privileges out of a standard user writable location. Standard users may use this to gain arbitrary code execution as SYSTEM. | 7.8 |
High |
||
Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption. | 9.8 |
Critical |
||
Videolan VLC prior to version 3.0.20 contains an Integer underflow that leads to an incorrect packet length. | 7.5 |
High |