A vulnerability in EbmlTypeDispatcher::send in VideoLAN VLC media player 3.0.11 allows attackers to trigger a heap-based buffer overflow via a crafted .mkv file.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26664
Reference (s):
- DEBIAN:DSA-4834
- URL: https://www.debian.org/security/2021/dsa-4834
- GENTOO:GLSA-202101-37
- URL: https://security.gentoo.org/glsa/202101-37
- http://videolan.com