Lucene search
MitreCVE-2008-2147HistoryMay 12, 2008 - 8:20 p.m.
CVE-2008-2147
2008-05-1220:20:00
CWE-264
mitre
web.nvd.nist.gov
41
cve-2008-2147
videolan vlc
untrusted search path vulnerability
arbitrary code execution
nvd
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.8
Confidence
Low
EPSS
0
Percentile
5.1%
Untrusted search path vulnerability in VideoLAN VLC before 0.9.0 allows local users to execute arbitrary code via a malicious library under the modules/ or plugins/ subdirectories of the current working directory.
Affected configurations
Node
videolanvlcRange≤0.8.6
ORvideolanvlcMatch0.4.6
ORvideolanvlcMatch0.5.0
ORvideolanvlcMatch0.5.1
ORvideolanvlcMatch0.5.1a
ORvideolanvlcMatch0.5.2
ORvideolanvlcMatch0.5.3
ORvideolanvlcMatch0.6.0
ORvideolanvlcMatch0.6.1
ORvideolanvlcMatch0.6.2
ORvideolanvlcMatch0.7.0
ORvideolanvlcMatch0.7.1
ORvideolanvlcMatch0.7.2
ORvideolanvlcMatch0.8.0
ORvideolanvlcMatch0.8.1
ORvideolanvlcMatch0.8.2
ORvideolanvlcMatch0.8.4
ORvideolanvlcMatch0.8.4a
ORvideolanvlcMatch0.8.5
ORvideolanvlcMatch0.8.6a
ORvideolanvlcMatch0.8.6b
ORvideolanvlcMatch0.8.6c
ORvideolanvlcMatch0.8.6d
ORvideolanvlcMatch0.8.6e
| Vendor | Product | Version | CPE |
|---|---|---|---|
| videolan | vlc | cpe:/a:videolan:vlc:::: | |
| videolan | vlc | 0.8.2 | cpe:/a:videolan:vlc:0.8.2::: |
| videolan | vlc | 0.8.6c | cpe:/a:videolan:vlc:0.8.6c::: |
| videolan | vlc | 0.8.4 | cpe:/a:videolan:vlc:0.8.4::: |
| videolan | vlc | 0.8.6e | cpe:/a:videolan:vlc:0.8.6e::: |
| videolan | vlc | 0.4.6 | cpe:/a:videolan:vlc:0.4.6::: |
| videolan | vlc | 0.8.6a | cpe:/a:videolan:vlc:0.8.6a::: |
| videolan | vlc | 0.5.3 | cpe:/a:videolan:vlc:0.5.3::: |
| videolan | vlc | 0.7.0 | cpe:/a:videolan:vlc:0.7.0::: |
| videolan | vlc | 0.6.1 | cpe:/a:videolan:vlc:0.6.1::: |
Related
debiancve
debiancve
CVE-2008-2147
2008-05-12 20:20:00
prion
prion
Design/Logic Flaw
2008-05-12 20:20:00
ubuntucve
ubuntucve
CVE-2008-2147
2008-05-12 00:00:00
nvd
nvd
CVE-2008-2147
2008-05-12 20:20:00
cvelist
cvelist
CVE-2008-2147
2008-05-12 20:00:00
gentoo
gentoo
VLC: Multiple vulnerabilities
2008-07-31 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200807-13 (vlc)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200807-13 (vlc)
2008-09-24 00:00:00
Debian Security Advisory DSA 1819-1 (vlc)
2009-06-23 00:00:00
nessus
nessus
GLSA-200807-13 : VLC: Multiple vulnerabilities
2008-08-01 00:00:00
Debian DSA-1819-1 : vlc - several vulnerabilities
2009-06-19 00:00:00
debian
debian
[SECURITY] [DSA 1819-1] New vlc packages fix several vulnerabilities
2009-06-18 13:13:47
osv
osv
vlc - several vulnerabilities
2009-06-18 00:00:00
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.8
Confidence
Low
EPSS
0
Percentile
5.1%
Related for CVE-2008-2147