• VLC media player
• Project and Community
• Documentation/Support
• Wiki
• Forum
• Developers

• Overview
• Download
• Features
• Screenshots
• Streaming
• Skins

2008

VideoLAN-SA-0806 (CVE-2008-2430)

Arbitrary code execution through potential heap-overflows in VLC's WAV demuxer. Details

VideoLAN-SA-0805 (CVE-2008-2147)

Arbitrary code execution through rogue VLC plugins in the current directory. Details

VideoLAN-SA-0804 (CVE-2007-6683)

Arbitrary file overwrite and other abuses through M3U parser and browsers plugins. Details

VideoLAN-SA-0803 (CVE-2008-0073, CVE-2008-1489, CVE-2008-1768, CVE-2008-1769)

Arbitrary memory overwrite vulnerabilities in multiple modules: Real RTSP demuxer, Real Media demuxer, MP4 demuxer, Cinepak decoder. Details

VideoLAN-SA-0802, CORE-2008-0130 (CVE-2008-0984)

Arbitrary memory overwrite vulnerability in the MP4 demuxer. Details

VideoLAN-SA-0801 (CVE-2007-6681, CVE-2007-6682, CVE-2008-0295, CVE-2008-0296)

Format string vulnerability in the Web interface. Stack-based buffer overflow in the Subtitles demuxer. String buffer overflows in the Real RTSP demuxer. Details

2007

VideoLAN-SA-0703, CORE-2007-1004 (CVE-2007-6262)

Recursive plugin release vulnerability in the Active X plugin. Details

VideoLAN-SA-0702 (CVE-2007-3316)

Format string injection in Vorbis, Theora, SAP and CDDA plugins. Details

VideoLAN-SA-0701, MOAB-02-01-2007 (CVE-2007-0017)

URL format string injection in CDDA and VCDX plugins. Details