Lucene search

RedhatCVE-2011-1087

HistoryMay 03, 2011 - 7:55 p.m.

CVE-2011-1087

2011-05-0319:55:03

CWE-119

redhat

web.nvd.nist.gov

cve-2011-1087

buffer overflow

videolan

vlc

media player

denial of service

remote attackers

memory corruption

application crash

arbitrary code

.mp3 file

CVSS2

7.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

AI Score

8.2

Confidence

High

EPSS

0.035

Percentile

91.6%

JSON

Buffer overflow in VideoLAN VLC media player 1.0.5 allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .mp3 file that is played during bookmark creation.

Affected configurations

Nvd

Node

videolanvlc_media_playerMatch1.0.5

VendorProductVersionCPE
videolanvlc_media_player1.0.5cpe:2.3:a:videolan:vlc_media_player:1.0.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
videolan	vlc_media_player	1.0.5	cpe:2.3:a:videolan:vlc_media_player:1.0.5:::::::*

References

openwall.com/lists/oss-security/2011/03/02/3

openwall.com/lists/oss-security/2011/03/03/8

openwall.com/lists/oss-security/2011/03/03/9

openwall.com/lists/oss-security/2011/03/28/7

secunia.com/advisories/38853

www.osvdb.org/62728

www.securityfocus.com/bid/38569

www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4931.php

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14532

CVSS2

7.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

AI Score

8.2

Confidence

High

EPSS

0.035

Percentile

91.6%

JSON

Related for CVE-2011-1087