Lucene search
HistoryJun 24, 2011 - 8:55 p.m.
CVE-2011-2194
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.9
Confidence
Low
EPSS
0.163
Percentile
96.1%
Integer overflow in the XSPF playlist parser in VideoLAN VLC media player 0.8.5 through 1.1.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow.
Affected configurations
Node
videolanvlc_media_playerMatch0.8.5
ORvideolanvlc_media_playerMatch0.8.6
ORvideolanvlc_media_playerMatch0.8.6a
ORvideolanvlc_media_playerMatch0.8.6b
ORvideolanvlc_media_playerMatch0.8.6c
ORvideolanvlc_media_playerMatch0.8.6d
ORvideolanvlc_media_playerMatch0.8.6e
ORvideolanvlc_media_playerMatch0.8.6f
ORvideolanvlc_media_playerMatch0.8.6g
ORvideolanvlc_media_playerMatch0.8.6h
ORvideolanvlc_media_playerMatch0.8.6i
ORvideolanvlc_media_playerMatch0.9.0
ORvideolanvlc_media_playerMatch0.9.1
ORvideolanvlc_media_playerMatch0.9.2
ORvideolanvlc_media_playerMatch0.9.3
ORvideolanvlc_media_playerMatch0.9.4
ORvideolanvlc_media_playerMatch0.9.5
ORvideolanvlc_media_playerMatch0.9.6
ORvideolanvlc_media_playerMatch0.9.8a
ORvideolanvlc_media_playerMatch0.9.9
ORvideolanvlc_media_playerMatch0.9.9a
ORvideolanvlc_media_playerMatch0.9.10
ORvideolanvlc_media_playerMatch1.0.0
ORvideolanvlc_media_playerMatch1.0.1
ORvideolanvlc_media_playerMatch1.0.2
ORvideolanvlc_media_playerMatch1.0.3
ORvideolanvlc_media_playerMatch1.0.4
ORvideolanvlc_media_playerMatch1.0.5
ORvideolanvlc_media_playerMatch1.0.6
ORvideolanvlc_media_playerMatch1.1.0
ORvideolanvlc_media_playerMatch1.1.1
ORvideolanvlc_media_playerMatch1.1.2
ORvideolanvlc_media_playerMatch1.1.3
ORvideolanvlc_media_playerMatch1.1.4
ORvideolanvlc_media_playerMatch1.1.4.1
ORvideolanvlc_media_playerMatch1.1.5
ORvideolanvlc_media_playerMatch1.1.6
ORvideolanvlc_media_playerMatch1.1.7
ORvideolanvlc_media_playerMatch1.1.8
ORvideolanvlc_media_playerMatch1.1.9
| Vendor | Product | Version | CPE |
|---|---|---|---|
| videolan | vlc_media_player | 0.8.5 | cpe:2.3:a:videolan:vlc_media_player:0.8.5:*:*:*:*:*:*:* |
| videolan | vlc_media_player | 0.8.6 | cpe:2.3:a:videolan:vlc_media_player:0.8.6:*:*:*:*:*:*:* |
| videolan | vlc_media_player | 0.8.6a | cpe:2.3:a:videolan:vlc_media_player:0.8.6a:*:*:*:*:*:*:* |
| videolan | vlc_media_player | 0.8.6b | cpe:2.3:a:videolan:vlc_media_player:0.8.6b:*:*:*:*:*:*:* |
| videolan | vlc_media_player | 0.8.6c | cpe:2.3:a:videolan:vlc_media_player:0.8.6c:*:*:*:*:*:*:* |
| videolan | vlc_media_player | 0.8.6d | cpe:2.3:a:videolan:vlc_media_player:0.8.6d:*:*:*:*:*:*:* |
| videolan | vlc_media_player | 0.8.6e | cpe:2.3:a:videolan:vlc_media_player:0.8.6e:*:*:*:*:*:*:* |
| videolan | vlc_media_player | 0.8.6f | cpe:2.3:a:videolan:vlc_media_player:0.8.6f:*:*:*:*:*:*:* |
| videolan | vlc_media_player | 0.8.6g | cpe:2.3:a:videolan:vlc_media_player:0.8.6g:*:*:*:*:*:*:* |
| videolan | vlc_media_player | 0.8.6h | cpe:2.3:a:videolan:vlc_media_player:0.8.6h:*:*:*:*:*:*:* |
Related
openvas
openvas
Debian: Security Advisory (DSA-2257-1)
2011-08-03 00:00:00
VLC Media Player XSPF Playlist Integer Overflow Vulnerability - Linux
2011-07-01 00:00:00
Debian Security Advisory DSA 2257-1 (vlc)
2011-08-03 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2257-1] vlc security update
2011-06-10 00:00:00
vlc player integer overflow
2011-06-10 00:00:00
ubuntucve
ubuntucve
CVE-2011-2194
2011-06-24 00:00:00
debiancve
debiancve
CVE-2011-2194
2011-06-24 20:55:03
cve
cve
CVE-2011-2194
2011-06-24 20:55:03
exploitdb
exploitdb
VideoLAN VLC Media Player 1.1.9 - XSPF Playlist Local File Integer Overflow
2011-06-08 00:00:00
debian
debian
[SECURITY] [DSA 2257-1] vlc security update
2011-06-10 10:23:48
prion
prion
Integer overflow
2011-06-24 20:55:00
cvelist
cvelist
CVE-2011-2194
2011-06-24 20:00:00
checkpoint_advisories
checkpoint_advisories
VLC Media Player XSPF Playlist Integer Overflow - Ver2 (CVE-2011-2194)
2015-05-18 00:00:00
nessus
nessus
Debian DSA-2257-1 : vlc - heap-based buffer overflow
2011-06-10 00:00:00
VLC < 1.1.10 Multiple Vulnerabilities
2011-06-09 00:00:00
GLSA-201411-01 : VLC: Multiple vulnerabilities
2014-11-06 00:00:00
gentoo
gentoo
VLC: Multiple vulnerabilities
2014-11-05 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.9
Confidence
Low
EPSS
0.163
Percentile
96.1%
Related for NVD:CVE-2011-2194