Lucene search

K
ubuntucveUbuntu.comUB:CVE-2010-3124
HistoryAug 26, 2010 - 12:00 a.m.

CVE-2010-3124

2010-08-2600:00:00
ubuntu.com
ubuntu.com
6

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.585 Medium

EPSS

Percentile

97.7%

Untrusted search path vulnerability in bin/winvlc.c in VLC Media Player
1.1.3 and earlier allows local users, and possibly remote attackers, to
execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse
wintab32.dll that is located in the same folder as a .mp3 file.

Notes

Author Note
mdeslaur This is Windows-specific

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.585 Medium

EPSS

Percentile

97.7%