CVE-2012-5855

2013-07-1000:00:00

ubuntu.com

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

EPSS

0.001

Percentile

49.8%

JSON

The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and
earlier might allow user-assisted attackers to cause a denial of service
(crash) via a crafted file name that triggers an incorrect string-length
calculation when the file is added to VLC. NOTE: it is not clear whether
this issue crosses privilege boundaries or whether it can be exploited
without user interaction.