Code Execution Vulnerability in VideoLAN VLC Media Player 3.0.8 with libqt on Windows

Code Execution Vulnerability in VideoLAN VLC Media Player 3.0.8 with libqt on Windows

CVE-2019-18278 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

When executing VideoLAN VLC media player 3.0.8 with libqt on Windows, Data from a Faulting Address controls Code Flow starting at libqt_plugin!vlc_entry_license__3_0_0f+0x00000000003b9aba. NOTE: the VideoLAN security team indicates that they have not been contacted, and have no way of reproducing this issue.

Learn more about our Contact.