Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Vlc Security Vulnerabilities

cve
cve

CVE-2007-6681

Stack-based buffer overflow in modules/demux/subtitle.c in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via a long subtitle in a (1) MicroDvd, (2) SSA, and (3) Vplayer file.

7.6AI Score

0.306EPSS

2008-01-17 01:00 AM
42
cve
cve

CVE-2007-6682

Format string vulnerability in the httpd_FileCallBack function (network/httpd.c) in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via format string specifiers in the Connection parameter.

7.3AI Score

0.718EPSS

2008-01-17 01:00 AM
39
cve
cve

CVE-2007-6683

The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via (1) the :demuxdump-file option in a filename in a playlist, or (2) a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability.

6.8AI Score

0.008EPSS

2008-01-17 01:00 AM
39
cve
cve

CVE-2007-6684

The RTSP module in VideoLAN VLC 0.8.6d allows remote attackers to cause a denial of service (crash) via a request without a Transport parameter, which triggers a NULL pointer dereference.

6.3AI Score

0.015EPSS

2008-01-17 01:00 AM
37
cve
cve

CVE-2008-1489

Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c for VLC 0.8.6e allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MP4 RDRF box that triggers a heap-based buffer overflow, a different vulnerability than CVE-2008-0984.

7.7AI Score

0.156EPSS

2008-03-25 12:44 AM
41
cve
cve

CVE-2008-1768

Multiple integer overflows in VLC before 0.8.6f allow remote attackers to cause a denial of service (crash) via the (1) MP4 demuxer, (2) Real demuxer, and (3) Cinepak codec, which triggers a buffer overflow.

6.5AI Score

0.025EPSS

2008-04-25 06:05 AM
39
cve
cve

CVE-2008-1769

VLC before 0.8.6f allow remote attackers to cause a denial of service (crash) via a crafted Cinepak file that triggers an out-of-bounds array access and memory corruption.

6.2AI Score

0.019EPSS

2008-04-25 06:05 AM
41
cve
cve

CVE-2008-1881

Stack-based buffer overflow in the ParseSSA function (modules/demux/subtitle.c) in VLC 0.8.6e allows remote attackers to execute arbitrary code via a long subtitle in an SSA file. NOTE: this issue is due to an incomplete fix for CVE-2007-6681.

7.7AI Score

0.306EPSS

2008-04-17 11:05 PM
41
cve
cve

CVE-2008-2147

Untrusted search path vulnerability in VideoLAN VLC before 0.9.0 allows local users to execute arbitrary code via a malicious library under the modules/ or plugins/ subdirectories of the current working directory.

6.8AI Score

0.0004EPSS

2008-05-12 08:20 PM
41
cve
cve

CVE-2014-6440

VideoLAN VLC media player before 2.1.5 allows remote attackers to execute arbitrary code or cause a denial of service.

9.8CVSS

8.9AI Score

0.018EPSS

2017-03-28 03:59 PM
2398