Denial of Service Vulnerability in VLC Media Player by VideoLAN
CVE-2024-46461

8HIGH

Key Information:

Vendor: VideoLAN
Status: VLC Media Player
Vendor: CVE Published:; 25 September 2024

What is CVE-2024-46461?

VLC Media Player versions 3.0.20 and earlier are susceptible to a denial of service attack stemming from an integer overflow vulnerability. This flaw can be exploited through a maliciously crafted MMS stream, potentially leading to a heap-based overflow. If successfully executed, an attacker could crash the application or achieve arbitrary code execution under the privileges of the user running VLC, posing significant risks to user systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.videolan.org/security/sb-vlc3021.html

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Sep 25, 2024

JSON

VideoLAN

What is CVE-2024-46461?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.