CVE-2011-2194

EPSS 12.9%

vlc - buffer overflow

Published: 6/24/2011Modified: 4/28/2026

Also known as:DEBIAN-CVE-2011-2194

Description

Integer overflow in the XSPF playlist parser in VideoLAN VLC media player 0.8.5 through 1.1.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow.

Affected packages (2)

Debian/vlcfrom 0, < 1.1.10-1
Debian/vlcfrom 0, < 1.1.3-1squeeze6

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-2194