CVE-2007-3316
7.6 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.863 High
EPSS
Percentile
98.5%
Multiple format string vulnerabilities in plugins in VideoLAN VLC Media Player before 0.8.6c allow remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in (1) an Ogg/Vorbis file, (2) an Ogg/Theora file, (3) a CDDB entry for a CD Digital Audio (CDDA) file, or (4) Service Announce Protocol (SAP) multicast packets.
References
osvdb.org/37379
osvdb.org/37380
osvdb.org/37381
osvdb.org/37382
secunia.com/advisories/25753
secunia.com/advisories/25980
secunia.com/advisories/26269
security.gentoo.org/glsa/glsa-200707-12.xml
www.debian.org/security/2007/dsa-1332
www.isecpartners.com/advisories/2007-001-vlc.txt
www.kb.cert.org/vuls/id/200928
www.securityfocus.com/archive/1/471933/100/0/threaded
www.securityfocus.com/bid/24555
www.videolan.org/sa0702.html
www.vupen.com/english/advisories/2007/2262
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14600
Social References
More
Related
7.6 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.863 High
EPSS
Percentile
98.5%