CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
Percentile
64.5%
2.0.8 Demux: * sgimb: use after free (fixes #8724 https://trac.videolan.org/vlc/ticket/8724 ) * Improve resistance and checking against malformed MKV files (Check element size before reading it. This should avoid integer overflows inside the libebml causing heap buffer overflow. Since new called by the lib is limited to SIZE_MAX bytes.) Access: * qtsound: fix crash when freeing memory 2.0.7 Input: * Fix memory exhaustion vulnerability when playing specifically crafted playlist files. (stream_ReadLine: correctly return an error on overflow fixes #7361 https://trac.videolan.org/vlc/ticket/7361 ) HTTP Interface: * lua http: Fix two xss vulnerabilities (CVE-2013-3565)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 2 | noarch | vlc | < 2.0.8-0.2 | vlc-2.0.8-0.2.mga2 |
Mageia | 2 | noarch | vlc | < 2.0.8-0.2 | vlc-2.0.8-0.2.mga2.tainted |
Mageia | 3 | noarch | vlc | < 2.0.8-2 | vlc-2.0.8-2.mga3 |
Mageia | 3 | noarch | vlc | < 2.0.8-2 | vlc-2.0.8-2.mga3.tainted |
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
Percentile
64.5%