0.001 Low
EPSS
Percentile
45.2%
vlc is vulnerable to integer overflows. The vulnerability exists through the VNC module via tricking a user into opening a crafted playlist or connecting to a rogue VNC server, which allows a malicious attacker to cause integer overflows.
VNC
security-tracker.debian.org/tracker/CVE-2022-41325
twitter.com/0xMitsurugi
www.debian.org/security/2022/dsa-5297
www.synacktiv.com/sites/default/files/2022-11/vlc_vnc_int_overflow-CVE-2022-41325.pdf
www.videolan.org/security/sb-vlc3018.html