CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
Confidence
High
EPSS
Percentile
92.1%
The ASF Demuxer (modules/demux/asf/asf.c) in VideoLAN VLC media player 2.0.5 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ASF movie that triggers an out-of-bounds read.
Vendor | Product | Version | CPE |
---|---|---|---|
videolan | vlc_media_player | * | cpe:2.3:a:videolan:vlc_media_player:*:*:*:*:*:*:*:* |
videolan | vlc_media_player | 2.0.0 | cpe:2.3:a:videolan:vlc_media_player:2.0.0:*:*:*:*:*:*:* |
videolan | vlc_media_player | 2.0.1 | cpe:2.3:a:videolan:vlc_media_player:2.0.1:*:*:*:*:*:*:* |
videolan | vlc_media_player | 2.0.2 | cpe:2.3:a:videolan:vlc_media_player:2.0.2:*:*:*:*:*:*:* |
videolan | vlc_media_player | 2.0.3 | cpe:2.3:a:videolan:vlc_media_player:2.0.3:*:*:*:*:*:*:* |
videolan | vlc_media_player | 2.0.4 | cpe:2.3:a:videolan:vlc_media_player:2.0.4:*:*:*:*:*:*:* |
git.videolan.org/?p=vlc.git%3Ba=commitdiff%3Bh=b31ce523331aa3a6e620b68cdfe3f161d519631e
marc.info/?l=oss-security&m=136593191416152&w=2
marc.info/?l=oss-security&m=136610343501731&w=2
secunia.com/advisories/59793
trac.videolan.org/vlc/ticket/8024
www.osvdb.org/89598
www.securityfocus.com/bid/57333
www.videolan.org/security/sa1302.html
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17023