CVE-2013-3245

Severity Score

6.3

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track*

*SSVC

Descriptions

plugins/demux/libmkv_plugin.dll in VideoLAN VLC Media Player 2.0.7, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MKV file, possibly involving an integer overflow and out-of-bounds read or heap-based buffer overflow, or an uncaught exception. NOTE: the vendor disputes the severity and claimed vulnerability type of this issue, stating "This PoC crashes VLC, indeed, but does nothing more... this is not an integer overflow error, but an uncaught exception and I doubt that it is exploitable. This uncaught exception makes VLC abort, not execute random code, on my Linux 64bits machine." A PoC posted by the original researcher shows signs of an attacker-controlled out-of-bounds read, but the affected instruction does not involve a register that directly influences control flow

**EN DISPUTA** plugins/demux/libmkv_plugin.dll en VideoLAN VLC Media Player v2.0.7, y posiblemente otras versiones, permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de un archivo MKV especialmente diseñado, posiblemente provocando un desbordamiento de entero y fuera de los límites de lectura o desbordamiento de búfer basado en memoria dinámica, o una excepción no capturada. NOTA: el vendedor se afirmó que, "este PoC bloquea VLC, en efecto, pero no hace nada más ... esto no es un error de desbordamiento de entero, sino una excepción no capturada y dudo que sea explotable. Esta excepción no capturada hace que VLC se interrumpa, pero no ejecuta código arbitrario, en mi máquina Linux 64bits ". Un prueba de concepto publicado por el investigador original muestra signos de una lectura fuera de los límites controlada, aunque la instrucción afectada no implica un registro que influya directamente en el flujo de control.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:Track*

Exploitation

Poc

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2013-04-22 CVE Reserved
2013-07-10 CVE Published
2024-09-16 CVE Updated
2024-09-16 First Exploit
2024-09-17 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-122: Heap-based Buffer Overflow
CWE-125: Out-of-bounds Read

CAPEC

References (7)

URL	Tag	Source
http://seclists.org/fulldisclosure/2013/Jul/77	Mailing List
http://seclists.org/fulldisclosure/2013/Jul/79	Mailing List
http://www.jbkempf.com/blog/post/2013/More-lies-from-Secunia	X_refsource_misc
http://www.securityfocus.com/bid/61032	Vdb Entry

URL	Date	SRC
http://seclists.org/fulldisclosure/2013/Jul/71	2024-09-16

URL	Date	SRC

URL	Date	SRC
http://secunia.com/advisories/52956	2024-07-03
http://secunia.com/blog/372	2024-07-03

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Videolan Search vendor "Videolan"		Vlc Media Player Search vendor "Videolan" for product "Vlc Media Player"				2.0.7 Search vendor "Videolan" for product "Vlc Media Player" and version "2.0.7"		-		Affected