{"id":"CVE-2014-6440","details":"VideoLAN VLC media player before 2.1.5 allows remote attackers to execute arbitrary code or cause a denial of service.","modified":"2026-02-04T07:11:14.966647Z","published":"2017-03-28T15:59:00Z","related":["MGASA-2015-0095"],"references":[{"type":"ADVISORY","url":"http://billblough.net/blog/2015/03/04/cve-2014-6440-heap-overflow-in-vlc-transcode-module/"},{"type":"ADVISORY","url":"http://seclists.org/oss-sec/2015/q1/751"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/72950"},{"type":"ADVISORY","url":"http://www.videolan.org/developers/vlc-branch/NEWS"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201603-08"},{"type":"ARTICLE","url":"http://billblough.net/blog/2015/03/04/cve-2014-6440-heap-overflow-in-vlc-transcode-module/"},{"type":"EVIDENCE","url":"http://billblough.net/blog/2015/03/04/cve-2014-6440-heap-overflow-in-vlc-transcode-module/"},{"type":"FIX","url":"http://billblough.net/blog/2015/03/04/cve-2014-6440-heap-overflow-in-vlc-transcode-module/"},{"type":"FIX","url":"http://seclists.org/oss-sec/2015/q1/751"}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}