E18-5irt1
CVSS:
8.0 CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
False Positive:
f
Variants:
1
Year:
2018
Description
This strike exploits a use after free vulnerability in VideoLan VLC Media Player.
The vulnerability is due to unsafe parsing of the UAF objects within the MKV header.
An attacker may potentially leverage the vulnerability by specially crafting MKV files, to corrupt sensitive data or execute arbitrary code.
Failed exploit attempts will likely result in denial of service conditions.