CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
5.1%
Untrusted search path vulnerability in VideoLAN VLC before 0.9.0 allows local users to execute arbitrary code via a malicious library under the modules/ or plugins/ subdirectories of the current working directory.
Vendor | Product | Version | CPE |
---|---|---|---|
videolan | vlc | cpe:/a:videolan:vlc:::: | |
videolan | vlc | 0.8.2 | cpe:/a:videolan:vlc:0.8.2::: |
videolan | vlc | 0.8.6c | cpe:/a:videolan:vlc:0.8.6c::: |
videolan | vlc | 0.8.4 | cpe:/a:videolan:vlc:0.8.4::: |
videolan | vlc | 0.8.6e | cpe:/a:videolan:vlc:0.8.6e::: |
videolan | vlc | 0.4.6 | cpe:/a:videolan:vlc:0.4.6::: |
videolan | vlc | 0.8.6a | cpe:/a:videolan:vlc:0.8.6a::: |
videolan | vlc | 0.5.3 | cpe:/a:videolan:vlc:0.5.3::: |
videolan | vlc | 0.7.0 | cpe:/a:videolan:vlc:0.7.0::: |
videolan | vlc | 0.6.1 | cpe:/a:videolan:vlc:0.6.1::: |