Intrusion PreventionVideoLAN.VLC.Media.Player.MKV.Header.Handling.Use.After.Free
Description
This indicates an attack attempt to exploit a Use After Free vulnerability in VideoLAN VLC media player.
The vulnerability is due to an error in the application while handling a malformed MKV file. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application.
Affected Products
VideoLAN VLC Media Player prior to 2.2.8
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Upgrade to the latest version, available from the website.
https://www.videolan.org/vlc/
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2023-08-01 | 25.612 | Name:VideoLan. VLC. Media. Player. MKV. Header. Handling. Use. After. Free:VideoLAN. VLC. Media. Player. MKV. Header. Handling. Use. After. Free |
| 2020-11-16 | 16.962 | Sig Added |
| 2018-10-23 | 13.477 | Sig Added |
| ID | 46541 |
| Created | Aug 17, 2018 |
| Updated | Jul 31, 2023 |
| Risk |
|
| CVE ID | CVE-2018-11529 |
| Exploit Prediction Score | 77.73% |
| Default Action | drop |
| Active | |
| Affected OS | Windows, Linux |
| Affected App | Other |