Description
codec\libpng_plugin.dll in VideoLAN VLC Media Player 2.1.3 allows remote attackers to cause a denial of service (crash) via a crafted .png file, as demonstrated by a png in a .wave file.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Aryan Bayaninejad · pythondosmultiple
https://www.exploit-db.com/exploits/39177
References (2)
Core 2
Core References
Exploit x_refsource_misc
http://packetstormsecurity.com/files/126564/VLC-Player-2.1.3-Memory-Corruption.html
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/67315
Scores
EPSS
0.0797
EPSS Percentile
92.1%
Details
CWE
CWE-119
Status
published
Products (1)
videolan/vlc_media_player
2.1.3
Published
May 14, 2014
Tracked Since
Feb 18, 2026