Gravité: : Medium
  Identifiant(s) CVE: : CVE-2012-5470
  Date du conseil: 21 juillet 2015

  Description

libpng_plugin in VideoLAN VLC media player 2.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted PNG file. nvd: Per http://www.videolan.org/security/sa1203.html When parsing an invalid PNG image file, a buffer overflow might occur.

  Information Exposure Rating:

Apply associated Trend Micro DPI Rules.

  Solutions

  Trend Micro Deep Security DPI Rule Number: 1005226
  Trend Micro Deep Security DPI Rule Name: 1005226 - VLC Media Player Read Access Violation Arbitrary Code Execution Vulnerability

  Affected software and version:

  • videolan vlc_media_player 2.0.3