Lucene search
Veracode Vulnerability DatabaseVERACODE:29069HistoryJan 21, 2021 - 3:07 a.m.
Arbitrary Code Execution
2021-01-2103:07:20
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
14
vlc
arbitrary code execution
buffer overflow
ebmltypedispatcher
malicious file
EPSS
0.002
Percentile
60.0%
vlc is vulnerable to arbitrary code execution. A heap-based buffer overflow in EbmlTypeDispatcher::send allows an attacker to execute arbitrary code on the host OS via a malicious .mkv file.
References
videolan.com
vlc.com
gist.githubusercontent.com/henices/db11664dd45b9f322f8514d182aef5ea/raw/d56940c8bf211992bf4f3309a85bb2b69383e511/CVE-2020-26664.txt
lists.debian.org/debian-lts-announce/2022/06/msg00012.html
security-tracker.debian.org/tracker/CVE-2020-26664
security.gentoo.org/glsa/202101-37
www.debian.org/security/2021/dsa-4834
Related
debian
debian
[SECURITY] [DSA 4834-1] vlc security update
2021-01-22 18:47:52
[SECURITY] [DLA 3050-1] vlc security update
2022-06-10 16:55:16
osv
osv
CVE-2020-26664
2021-01-08 18:15:13
vlc - security update
2022-06-10 00:00:00
vlc - security update
2021-01-22 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-3050-1)
2022-06-11 00:00:00
openSUSE: Security Advisory for vlc (openSUSE-SU-2021:0691-1)
2021-05-12 00:00:00
openSUSE: Security Advisory for vlc (openSUSE-SU-2021:0091-1)
2021-04-16 00:00:00
nessus
nessus
openSUSE Security Update : vlc (openSUSE-2021-691)
2021-05-18 00:00:00
GLSA-202101-37 : VLC: Buffer overflow
2021-01-29 00:00:00
VLC < 3.0.12 Buffer Overflow
2021-02-04 00:00:00
nvd
nvd
CVE-2020-26664
2021-01-08 18:15:13
prion
prion
Heap overflow
2021-01-08 18:15:00
debiancve
debiancve
CVE-2020-26664
2021-01-08 18:15:13
ubuntucve
ubuntucve
CVE-2020-26664
2021-01-08 00:00:00
gentoo
gentoo
VLC: Buffer overflow
2021-01-29 00:00:00
alpinelinux
alpinelinux
CVE-2020-26664
2021-01-08 18:15:13
cve
cve
CVE-2020-26664
2021-01-08 18:15:13
suse
suse
Security update for vlc (moderate)
2021-05-12 00:00:00
Security update for vlc (moderate)
2021-05-09 00:00:00
Security update for vlc (important)
2021-01-19 00:00:00
archlinux
archlinux
[ASA-202101-35] vlc: arbitrary code execution
2021-01-20 00:00:00
cvelist
cvelist
CVE-2020-26664
2021-01-08 17:40:41
malwarebytes
malwarebytes
Insights into your unpatched vulnerabilities
2023-12-11 10:17:48