CVE-2014-9626
Published
CVSS v3
7.8
HIGH
CVSS v2
6.8
MEDIUM
Affected
1
PROJECT
Description
Integer underflow in the MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a box size less than 7.
VLC media player - plays everything, runs anywhere. Code here: https://code.videolan.org/videolan/vlc
GitHub