CVE-2013-1868

EPSS 50.7%

vlc - security update

Published: 7/10/2013Modified: 4/28/2026

Description

Multiple buffer overflows in VideoLAN VLC media player 2.0.4 and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to the (1) freetype renderer and (2) HTML subtitle parser.

Affected packages (2)

Debian/vlcfrom 0, < 2.0.5-1
Debian/vlcfrom 0, < 2.0.3-5+deb7u1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-1868