Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2010-2062

Опубликовано: 26 дек. 2014
Источник: nvd
CVSS2: 7.5
EPSS Низкий

Описание

Integer underflow in the real_get_rdt_chunk function in real.c, as used in modules/access/rtsp/real.c in VideoLAN VLC media player before 1.0.1 and stream/realrtsp/real.c in MPlayer before r29447, allows remote attackers to execute arbitrary code via a crafted length value in an RDT chunk header.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:videolan:vlc_media_player:*:*:*:*:*:*:*:*
Версия до 1.0.0 (включая)
cpe:2.3:a:videolan:vlc_media_player:0.5.0:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.5.1:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.5.2:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.5.3:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.6.0:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.6.2:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.7.0:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.7.2:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.8.0:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.8.1:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.8.2:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.8.4:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.8.4a:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.8.5:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.8.6:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.8.6a:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.8.6b:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.8.6c:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.8.6d:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.8.6e:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.8.6f:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.8.6g:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.8.6h:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.8.6i:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.8.1337:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.9.0:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.9.2:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.9.4:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.9.5:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.9.6:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.9.8a:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.9.9:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.9.9a:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.9.10:*:*:*:*:*:*:*

EPSS

Процентиль: 86%
0.02991
Низкий

7.5 High

CVSS2

Дефекты

CWE-189

Связанные уязвимости

ubuntu логотип

CVE-2010-2062

ubuntu
почти 11 лет назад

Integer underflow in the real_get_rdt_chunk function in real.c, as used in modules/access/rtsp/real.c in VideoLAN VLC media player before 1.0.1 and stream/realrtsp/real.c in MPlayer before r29447, allows remote attackers to execute arbitrary code via a crafted length value in an RDT chunk header.

debian логотип

CVE-2010-2062

debian
почти 11 лет назад

Integer underflow in the real_get_rdt_chunk function in real.c, as use ...

github логотип

GHSA-pp8c-mm4f-pg89

github
больше 3 лет назад

Integer underflow in the real_get_rdt_chunk function in real.c, as used in modules/access/rtsp/real.c in VideoLAN VLC media player before 1.0.1 and stream/realrtsp/real.c in MPlayer before r29447, allows remote attackers to execute arbitrary code via a crafted length value in an RDT chunk header.

EPSS

Процентиль: 86%
0.02991
Низкий

7.5 High

CVSS2

Дефекты

CWE-189