ID CVE-2018-19857
Summary The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3.0.4 may read memory from an uninitialized pointer when processing magic cookies in CAF files, because a ReadKukiChunk() cast converts a return value to an unsigned int even if that value is negative. This could result in a denial of service and/or a potential infoleak.
References
Vulnerable Configurations
  • cpe:2.3:a:videolan:vlc_media_player:3.0.4:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
CVSS
Base: 6.4 (as of 25-07-2019 - 17:15)
Impact:
Exploitability:
CWE CWE-824
CAPEC
Access
  • Vector: NETWORK
  • Complexity: LOW
  • Authentication: NONE
Impact
  • Confidentiality: PARTIAL
  • Integrity: NONE
  • Availability: PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:P
refmap via4
bid 106130
debian DSA-4366
misc
suse
  • openSUSE-SU-2019:1840
  • openSUSE-SU-2019:1897
  • openSUSE-SU-2019:1909
  • openSUSE-SU-2019:2015
ubuntu USN-4074-1
Last major update 25-07-2019 - 17:15
Published 05-12-2018 - 11:29
Last modified 25-07-2019 - 17:15