CVE-2011-2194

2011-06-2400:00:00

ubuntu.com

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.163

Percentile

96.1%

JSON

Integer overflow in the XSPF playlist parser in VideoLAN VLC media player
0.8.5 through 1.1.9 allows remote attackers to cause a denial of service
(crash) and possibly execute arbitrary code via unspecified vectors that
trigger a heap-based buffer overflow.

OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchvlc< 1.0.6-1ubuntu1.7UNKNOWN
ubuntu10.10noarchvlc< 1.1.4-1ubuntu1.6UNKNOWN
ubuntu11.04noarchvlc< 1.1.9-1ubuntu1.1UNKNOWN