
CVSS: 9.3 • EPSS: 97% • CPEs: 69 • EXPL: 1

demux/mkv/mkv.hpp in the MKV demuxer plugin in VideoLAN VLC media player 1.1.6.1 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary commands via a crafted MKV (WebM or Matroska) file that triggers memory corruption, related to "class mismatching" and the MKV_IS_ID macro.

• https://www.exploit-db.com/exploits/16637
http://git.videolan.org/?p=vlc.git%3Ba=commit%3Bh=59491dcedffbf97612d2c572943b56ee4289dd07
http://osvdb.org/70698
http://secunia.com/advisories/43131
http://secunia.com/advisories/43242
http://www.debian.org/security/2011/dsa-2159
http://www.openwall.com/lists/oss-security/2011/01/31/4
http://www.openwall.com/lists/oss-security/2011/01/31/8
http://www.securityfocus.com/bid/46060
http://www.securitytracker.com/id?1025018
http:
• CWE-20: Improper Input Validation

CVSS: 9.3 • EPSS: 4% • CPEs: 67 • EXPL: 0

Multiple heap-based buffer overflows in cdg.c in the CDG decoder in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted CDG video.

• http://download.videolan.org/pub/videolan/vlc/1.1.6/vlc-1.1.6.tar.bz2
http://git.videolan.org/?p=vlc.git%3Ba=commit%3Bh=f9b664eac0e1a7bceed9d7b5854fd9fc351b4aab
http://openwall.com/lists/oss-security/2011/01/19/6
http://openwall.com/lists/oss-security/2011/01/20/3
http://www.securityfocus.com/bid/45927
http://www.vupen.com/english/advisories/2011/0185
https://exchange.xforce.ibmcloud.com/vulnerabilities/64879
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg&#
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 9.3 • EPSS: 5% • CPEs: 67 • EXPL: 0

Multiple integer overflows in real.c in the Real demuxer plugin in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a zero i_subpackets value in a Real Media file, leading to a heap-based buffer overflow.

• http://git.videolan.org/?p=vlc.git%3Ba=commit%3Bh=6568965770f906d34d4aef83237842a5376adb55
http://www.cs.brown.edu/people/drosenbe/research.html
http://www.securityfocus.com/bid/45632
http://www.videolan.org/security/sa1007.html
http://www.vupen.com/english/advisories/2010/3345
https://exchange.xforce.ibmcloud.com/vulnerabilities/64461
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13950
• CWE-189: Numeric Errors

CVSS: 9.3 • EPSS: 51% • CPEs: 65 • EXPL: 2

Untrusted search path vulnerability in bin/winvlc.c in VLC Media Player 1.1.3 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll that is located in the same folder as a .mp3 file.

• https://www.exploit-db.com/exploits/14750
http://git.videolan.org/?p=vlc/vlc-1.1.git%3Ba=blobdiff%3Bf=bin/winvlc.c%3Bh=ac9b97ca9f5f9ba001f13bf61eb5127a1c1dbcbf%3Bhp=2d09cba320e3b0def7069ce1ebab25d1340161c5%3Bhb=43a31df56c37bd62c691cdbe3c1f11babd164b56%3Bhpb=2d366da738b19f8d761d7084746c6db6f52808c6
http://secunia.com/advisories/41107
http://www.exploit-db.com/exploits/14750
http://www.openwall.com/lists/oss-security/2010/08/25/10
http://www.openwall.com/lists/oss-security/2010/08/25/9
http://www.vupen.com/english/advis

CVSS: 9.3 • EPSS: 8% • CPEs: 1 • EXPL: 3

Stack-based buffer overflow in VideoLAN VLC Media Player 0.8.6 allows user-assisted remote attackers to execute arbitrary code via an ogg file with a crafted Advanced SubStation Alpha Subtitle (.ass) file, probably involving the Dialogue field.

• https://www.exploit-db.com/exploits/11174
http://www.exploit-db.com/exploits/11174
http://www.securityfocus.com/bid/37832
https://exchange.xforce.ibmcloud.com/vulnerabilities/55717
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14342
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer