Tenable801179.PRMVLC Media Player < 2.0.2 Ogg_DecodePacket Function OGG File Handling Overflow
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.05 Low
EPSS
Percentile
92.9%
The remote host contains VLC player, a multi-media application.
Versions of VLC media player earlier than 2.0.2 are potentially affected by a heap-based buffer overflow vulnerability. An error exists in the function βOgg_DecodePacketβ in the file βmodules/demux/ogg.cβ that does not properly validate input and can allow a heap-based buffer overflow. Opening a specially crafted file can result in the execution of arbitrary code. (CVE-2012-3377)
Binary data 801179.prmRelated
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.05 Low
EPSS
Percentile
92.9%