CVE-2017-10699
Debian Security Advisory 4045-1
Public Exploits: 0
Exploited in Wild: -
Descriptions
avcodec 2.2.x, as used in VideoLAN VLC media player 2.2.7-x before 2017-06-29, allows out-of-bounds heap memory write due to calling memcpy() with a wrong size, leading to a denial of service (application crash) or possibly code execution.
Several vulnerabilities have been found in VLC, the VideoLAN project's media player. Processing malformed media files could lead to denial of service and potentially the execution of arbitrary code.
SSVC
- Decision: -
Timeline
- 2017-06-30 CVE Reserved
- 2017-06-30 CVE Published
- 2024-08-05 CVE Updated
- 2025-05-04 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-787: Out-of-bounds Write
References (3)
URL | Tag | Source |
---|---|---|
http://www.securitytracker.com/id/1038816 | Vdb Entry | |

URL | Date | SRC |
---|---|---|
https://trac.videolan.org/vlc/ticket/18467 | 2017-11-23 | |
https://www.debian.org/security/2017/dsa-4045 | 2017-11-23 | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Videolan | Vlc Media Player | 2.2.0 | - | Affected |
Videolan | Vlc Media Player | 2.2.1 | - | Affected |
Videolan | Vlc Media Player | 2.2.2 | - | Affected |
Videolan | Vlc Media Player | 2.2.3 | - | Affected |
Videolan | Vlc Media Player | 2.2.4 | - | Affected |
Videolan | Vlc Media Player | 2.2.5 | - | Affected |
Videolan | Vlc Media Player | 2.2.5.1 | - | Affected |
Videolan | Vlc Media Player | 2.2.6 | - | Affected |
Videolan | Vlc Media Player | 2.2.7 | - | Affected |