Lucene search

[email protected]CVE-2012-3377

HistoryJul 12, 2012 - 9:55 p.m.

CVE-2012-3377

2012-07-1221:55:07

CWE-119

[email protected]

web.nvd.nist.gov

cve-2012-3377

nvd

videolan

vlc media player

buffer overflow

ogg

demuxer

denial of service

application crash

arbitrary code

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

High

0.05 Low

EPSS

Percentile

92.9%

JSON

Heap-based buffer overflow in the Ogg_DecodePacket function in the OGG demuxer (modules/demux/ogg.c) in VideoLAN VLC media player before 2.0.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted OGG file.

Affected configurations

NVD

Node

videolanvlc_media_playerRange≤2.0.1

videolanvlc_media_playerMatch0.1.99a

videolanvlc_media_playerMatch0.1.99b

videolanvlc_media_playerMatch0.1.99c

videolanvlc_media_playerMatch0.1.99d

videolanvlc_media_playerMatch0.1.99e

videolanvlc_media_playerMatch0.1.99f

videolanvlc_media_playerMatch0.1.99g

videolanvlc_media_playerMatch0.1.99h

videolanvlc_media_playerMatch0.1.99i

videolanvlc_media_playerMatch0.2.0

videolanvlc_media_playerMatch0.2.50

videolanvlc_media_playerMatch0.2.60

videolanvlc_media_playerMatch0.2.61

videolanvlc_media_playerMatch0.2.62

videolanvlc_media_playerMatch0.2.63

videolanvlc_media_playerMatch0.2.70

videolanvlc_media_playerMatch0.2.71

videolanvlc_media_playerMatch0.2.72

videolanvlc_media_playerMatch0.2.73

videolanvlc_media_playerMatch0.2.80

videolanvlc_media_playerMatch0.2.81

videolanvlc_media_playerMatch0.2.82

videolanvlc_media_playerMatch0.2.83

videolanvlc_media_playerMatch0.2.90

videolanvlc_media_playerMatch0.2.91

videolanvlc_media_playerMatch0.2.92

videolanvlc_media_playerMatch0.3.0

videolanvlc_media_playerMatch0.3.1

videolanvlc_media_playerMatch0.4.0

videolanvlc_media_playerMatch0.4.1

videolanvlc_media_playerMatch0.4.2

videolanvlc_media_playerMatch0.4.3

videolanvlc_media_playerMatch0.4.3-ac3

videolanvlc_media_playerMatch0.4.4

videolanvlc_media_playerMatch0.4.5

videolanvlc_media_playerMatch0.4.6

videolanvlc_media_playerMatch0.5.0

videolanvlc_media_playerMatch0.5.1

videolanvlc_media_playerMatch0.5.2

videolanvlc_media_playerMatch0.5.3

videolanvlc_media_playerMatch0.6.0

videolanvlc_media_playerMatch0.6.1

videolanvlc_media_playerMatch0.6.2

videolanvlc_media_playerMatch0.7.0

videolanvlc_media_playerMatch0.7.1

videolanvlc_media_playerMatch0.7.2

videolanvlc_media_playerMatch0.8.0

videolanvlc_media_playerMatch0.8.1

videolanvlc_media_playerMatch0.8.2

videolanvlc_media_playerMatch0.8.4

videolanvlc_media_playerMatch0.8.4a

videolanvlc_media_playerMatch0.8.5

videolanvlc_media_playerMatch0.8.6

videolanvlc_media_playerMatch0.8.6a

videolanvlc_media_playerMatch0.8.6b

videolanvlc_media_playerMatch0.8.6c

videolanvlc_media_playerMatch0.8.6d

videolanvlc_media_playerMatch0.8.6e

videolanvlc_media_playerMatch0.8.6f

videolanvlc_media_playerMatch0.8.6g

videolanvlc_media_playerMatch0.8.6h

videolanvlc_media_playerMatch0.8.6i

videolanvlc_media_playerMatch0.8.1337

videolanvlc_media_playerMatch0.9.0

videolanvlc_media_playerMatch0.9.1

videolanvlc_media_playerMatch0.9.2

videolanvlc_media_playerMatch0.9.3

videolanvlc_media_playerMatch0.9.4

videolanvlc_media_playerMatch0.9.5

videolanvlc_media_playerMatch0.9.6

videolanvlc_media_playerMatch0.9.8a

videolanvlc_media_playerMatch0.9.9

videolanvlc_media_playerMatch0.9.9a

videolanvlc_media_playerMatch0.9.10

videolanvlc_media_playerMatch1.0.0

videolanvlc_media_playerMatch1.0.1

videolanvlc_media_playerMatch1.0.2

videolanvlc_media_playerMatch1.0.3

videolanvlc_media_playerMatch1.0.4

videolanvlc_media_playerMatch1.0.5

videolanvlc_media_playerMatch1.0.6

videolanvlc_media_playerMatch1.1.0

videolanvlc_media_playerMatch1.1.1

videolanvlc_media_playerMatch1.1.2

videolanvlc_media_playerMatch1.1.3

videolanvlc_media_playerMatch1.1.4

videolanvlc_media_playerMatch1.1.4.1

videolanvlc_media_playerMatch1.1.5

videolanvlc_media_playerMatch1.1.6

videolanvlc_media_playerMatch1.1.6.1

videolanvlc_media_playerMatch1.1.7

videolanvlc_media_playerMatch1.1.8

videolanvlc_media_playerMatch1.1.9

videolanvlc_media_playerMatch1.1.10

videolanvlc_media_playerMatch1.1.10.1

videolanvlc_media_playerMatch1.1.11

videolanvlc_media_playerMatch1.1.13

videolanvlc_media_playerMatch2.0.0

CPENameOperatorVersion
videolan:vlc_media_playervideolan vlc media playerle2.0.1
videolan:vlc_media_playervideolan vlc media playereq0.1.99a
videolan:vlc_media_playervideolan vlc media playereq0.1.99b
videolan:vlc_media_playervideolan vlc media playereq0.1.99c
videolan:vlc_media_playervideolan vlc media playereq0.1.99d
videolan:vlc_media_playervideolan vlc media playereq0.1.99e
videolan:vlc_media_playervideolan vlc media playereq0.1.99f
videolan:vlc_media_playervideolan vlc media playereq0.1.99g
videolan:vlc_media_playervideolan vlc media playereq0.1.99h
videolan:vlc_media_playervideolan vlc media playereq0.1.99i

CPE	Name	Operator	Version
videolan:vlc_media_player	videolan vlc media player	le	2.0.1
videolan:vlc_media_player	videolan vlc media player	eq	0.1.99a
videolan:vlc_media_player	videolan vlc media player	eq	0.1.99b
videolan:vlc_media_player	videolan vlc media player	eq	0.1.99c
videolan:vlc_media_player	videolan vlc media player	eq	0.1.99d
videolan:vlc_media_player	videolan vlc media player	eq	0.1.99e
videolan:vlc_media_player	videolan vlc media player	eq	0.1.99f
videolan:vlc_media_player	videolan vlc media player	eq	0.1.99g
videolan:vlc_media_player	videolan vlc media player	eq	0.1.99h
videolan:vlc_media_player	videolan vlc media player	eq	0.1.99i