7.6 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.115 Low
EPSS
Percentile
95.1%
The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file.
CPE | Name | Operator | Version |
---|---|---|---|
miro_player | le | 1.1 | |
vlc_media_player | eq | <= 0.8.6d |
lists.grok.org.uk/pipermail/full-disclosure/2008-February/060481.html
secunia.com/advisories/29122
secunia.com/advisories/29153
secunia.com/advisories/29284
secunia.com/advisories/29766
www.coresecurity.com/?action=item&id=2147
www.debian.org/security/2008/dsa-1543
www.gentoo.org/security/en/glsa/glsa-200803-13.xml
www.securityfocus.com/archive/1/488841/100/0/threaded
www.securityfocus.com/bid/28007
www.securitytracker.com/id?1019510
www.videolan.org/security/sa0802.html
www.vupen.com/english/advisories/2008/0682