CVE-2013-4388

2013-10-1122:55:40

CWE-119

redhat

web.nvd.nist.gov

cve-2013-4388

buffer overflow

mp4a packetizer

videolan vlc media player

denial of service

arbitrary code execution

nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.9

Confidence

Low

EPSS

0.051

Percentile

93.0%

JSON

Buffer overflow in the mp4a packetizer (modules/packetizer/mpeg4audio.c) in VideoLAN VLC Media Player before 2.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.

Affected configurations

Nvd

Node

videolanvlc_media_playerRange≤2.0.7

videolanvlc_media_playerMatch2.0.0

videolanvlc_media_playerMatch2.0.1

videolanvlc_media_playerMatch2.0.2

videolanvlc_media_playerMatch2.0.3

videolanvlc_media_playerMatch2.0.4

videolanvlc_media_playerMatch2.0.5

videolanvlc_media_playerMatch2.0.6

VendorProductVersionCPE
videolanvlc_media_player2.0.2cpe:/a:videolan:vlc_media_player:2.0.2:::
videolanvlc_media_player2.0.6cpe:/a:videolan:vlc_media_player:2.0.6:::
videolanvlc_media_player2.0.1cpe:/a:videolan:vlc_media_player:2.0.1:::
videolanvlc_media_player2.0.5cpe:/a:videolan:vlc_media_player:2.0.5:::
videolanvlc_media_playercpe:/a:videolan:vlc_media_player::::
videolanvlc_media_player2.0.0cpe:/a:videolan:vlc_media_player:2.0.0:::
videolanvlc_media_player2.0.4cpe:/a:videolan:vlc_media_player:2.0.4:::
videolanvlc_media_player2.0.3cpe:/a:videolan:vlc_media_player:2.0.3:::

Vendor	Product	Version	CPE
videolan	vlc_media_player	2.0.2	cpe:/a:videolan:vlc_media_player:2.0.2:::
videolan	vlc_media_player	2.0.6	cpe:/a:videolan:vlc_media_player:2.0.6:::
videolan	vlc_media_player	2.0.1	cpe:/a:videolan:vlc_media_player:2.0.1:::
videolan	vlc_media_player	2.0.5	cpe:/a:videolan:vlc_media_player:2.0.5:::
videolan	vlc_media_player		cpe:/a:videolan:vlc_media_player::::
videolan	vlc_media_player	2.0.0	cpe:/a:videolan:vlc_media_player:2.0.0:::
videolan	vlc_media_player	2.0.4	cpe:/a:videolan:vlc_media_player:2.0.4:::
videolan	vlc_media_player	2.0.3	cpe:/a:videolan:vlc_media_player:2.0.3:::