Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2008-1881
HistoryApr 17, 2008 - 11:05 p.m.

CVE-2008-1881

2008-04-1723:05:00
CWE-119
[email protected]
web.nvd.nist.gov
35
cve-2008-1881
stack-based buffer overflow
parsessa function
vlc 0.8.6e
remote code execution
ssa file
incomplete fix

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.25 Low

EPSS

Percentile

96.7%

JSON

Stack-based buffer overflow in the ParseSSA function (modules/demux/subtitle.c) in VLC 0.8.6e allows remote attackers to execute arbitrary code via a long subtitle in an SSA file. NOTE: this issue is due to an incomplete fix for CVE-2007-6681.

Affected configurations

NVD
Node
videolanvlcMatch0.8.6e
CPENameOperatorVersion
videolan:vlcvideolan vlceq0.8.6e

Related

debiancve 2
cvelist 2
prion 2
nvd 2
ubuntucve 2
seebug 2
openvas 8
nessus 6
gentoo 2
exploitpack 1
packetstorm 1
cve 1
exploitdb 1
debian 2
osv 2
debiancve
debiancve
CVE-2008-1881
2008-04-17 23:05:00
CVE-2007-6681
2008-01-17 01:00:00
cvelist
cvelist
CVE-2008-1881
2008-04-17 23:00:00
CVE-2007-6681
2008-01-17 00:00:00
prion
prion
Stack overflow
2008-04-17 23:05:00
Stack overflow
2008-01-17 01:00:00
nvd
nvd
CVE-2008-1881
2008-04-17 23:05:00
CVE-2007-6681
2008-01-17 01:00:00
ubuntucve
ubuntucve
CVE-2008-1881
2008-04-17 00:00:00
CVE-2007-6681
2008-01-17 00:00:00
seebug
seebug
VLCεͺ’δ½“ζ’­ζ”Ύε™¨ε­—εΉ•ζ–‡δ»Άζ ˆζΊ’ε‡ΊζΌζ΄ž
2008-04-25 00:00:00
VLC 0.8.6d SSA Parsing Double Sh311 Universal Exploit
2008-05-24 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200804-25 (vlc)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200804-25 (vlc)
2008-09-24 00:00:00
Debian Security Advisory DSA 1819-1 (vlc)
2009-06-23 00:00:00
nessus
nessus
GLSA-200804-25 : VLC: User-assisted execution of arbitrary code
2008-04-25 00:00:00
Debian DSA-1819-1 : vlc - several vulnerabilities
2009-06-19 00:00:00
VLC Media Player < 0.8.6f Multiple Vulnerabilities (deprecated)
2008-03-14 00:00:00
gentoo
gentoo
VLC: User-assisted execution of arbitrary code
2008-04-23 00:00:00
VLC: Multiple vulnerabilities
2008-03-07 00:00:00
exploitpack
exploitpack
VideoLAN VLC Media Player 0.8.6d SSA Parsing Double Sh311 - Universal
2008-05-23 00:00:00
packetstorm
packetstorm
vlc-doubleshell.txt
2008-05-23 00:00:00
cve
cve
CVE-2007-6681
2008-01-17 01:00:00
exploitdb
exploitdb
VideoLAN VLC Media Player 0.8.6d SSA Parsing Double Sh311 - Universal
2008-05-23 00:00:00
debian
debian
[SECURITY] [DSA 1819-1] New vlc packages fix several vulnerabilities
2009-06-18 13:13:47
[SECURITY] [DSA 1543-1] New vlc packages fix several vulnerabilities
2008-04-09 19:26:06
osv
osv
vlc - several vulnerabilities
2009-06-18 00:00:00
vlc - several vulnerabilities
2008-04-09 00:00:00

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.7 High

AI Score

Confidence

Low

0.25 Low

EPSS

Percentile

96.7%

JSON
Related for CVE-2008-1881
debiancve2cvelist2prion2nvd2ubuntucve2seebug2openvas8nessus6gentoo2exploitpack1packetstorm1cve1exploitdb1debian2osv2