Risk | High |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2017-10699 |
CWE-ID | CWE-787 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software | VLC Media Player (Client/Desktop applications / Multimedia software) |
Vendor | VideoLAN |
Security Bulletin
This security bulletin contains one high-risk vulnerability.
EUVDB-ID: #VU7371
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2017-10699
CWE-ID: CWE-787 - Out-of-bounds write
Exploit availability: No
Description
The vulnerability allows a remote attacker to cause a DoS condition or execute arbitrary code.
The vulnerability exists in VLC Media Player because memcpy() is called with a wrong size. A remote attacker can create a specially crafted media file, trick the victim into loading it, trigger an out-of-bounds heap memory write in the avcodec component, and cause the application to crash or execute arbitrary code with the privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
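The bug class described above (a memcpy() whose length is not bounded by the destination buffer), shown as an added illustration. This is not VLC or libavcodec code: `struct plane`, `copy_plane_unchecked`, `copy_plane_checked` and the sample buffers are hypothetical and constructed for this example. The checked form clamps the copy to what both buffers hold, and the demo places guard bytes after the destination to confirm nothing is written past it.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical plane descriptor (not a VLC or libavcodec type). */
struct plane {
    uint8_t *data;   /* first byte of the plane */
    size_t   pitch;  /* bytes per line, padding included */
    size_t   lines;  /* number of lines allocated */
};

/* Unsafe pattern: the length comes from the source alone, so a source
 * larger than the destination writes past the destination's heap block. */
void copy_plane_unchecked(struct plane *dst, const struct plane *src)
{
    memcpy(dst->data, src->data, src->pitch * src->lines);
}

/* Checked form: copy line by line, never more than either buffer holds.
 * Returns 0 on a full copy, -1 if the source did not fit and was clipped. */
int copy_plane_checked(struct plane *dst, const struct plane *src)
{
    size_t width = src->pitch < dst->pitch ? src->pitch : dst->pitch;
    size_t lines = src->lines < dst->lines ? src->lines : dst->lines;
    for (size_t y = 0; y < lines; y++)
        memcpy(dst->data + y * dst->pitch, src->data + y * src->pitch, width);
    return (src->pitch > dst->pitch || src->lines > dst->lines) ? -1 : 0;
}

/* Constructed input: a 16x4 source copied into an 8x2 destination that is
 * followed by 8 guard bytes. Returns 1 if the copy was clipped and the
 * guard bytes are intact. */
int demo_guard_intact(void)
{
    uint8_t src_buf[16 * 4];
    uint8_t dst_buf[8 * 2 + 8];
    memset(src_buf, 0xAA, sizeof src_buf);
    memset(dst_buf, 0x00, sizeof dst_buf);
    struct plane src = { src_buf, 16, 4 };
    struct plane dst = { dst_buf, 8, 2 };
    int clipped = copy_plane_checked(&dst, &src);
    for (size_t i = 16; i < sizeof dst_buf; i++)
        if (dst_buf[i] != 0x00) return 0;
    return clipped == -1 && dst_buf[0] == 0xAA && dst_buf[15] == 0xAA;
}

int main(void) { return demo_guard_intact() ? 0 : 1; }
```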
The vendor has issued a source code fix, available at:
http://git.videolan.org/?p=vlc/vlc-2.2.git;a=commit;h=6cc73bcad19da2cd2e95671173f2e0d203a57e9b
VLC Media Player: 2.2.7
External links
https://trac.videolan.org/vlc/ticket/18467
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.