CVE-2010-3275

Опубликовано: 28 мар. 2011

Источник: nvd

CVSS2: 9.3

EPSS Высокий

Уязвимость выполнения произвольного кода в VideoLAN VLC Media Player через обработку AMV файлов

Описание

Уязвимость в компоненте libdirectx_plugin.dll в VideoLAN VLC Media Player до версии 1.1.8 позволяет злоумышленникам выполнять произвольный код. Эта уязвимость связана с некорректной обработкой специально сформулированного значения ширины в AMV файле, что приводит к уязвимости "dangling pointer".

Затронутые версии ПО

VideoLAN VLC Media Player версии до 1.1.8.

Тип уязвимости

Удалённое выполнение кода

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:videolan:vlc_media_player:*:*:*:*:*:*:*:*

Версия до 1.1.7 (включая)

cpe:2.3:a:videolan:vlc_media_player:0.1.99b:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.1.99e:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.1.99f:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.1.99g:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.1.99h:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.1.99i:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.0:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.60:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.61:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.62:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.63:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.70:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.71:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.72:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.73:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.80:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.81:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.82:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.83:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.90:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.91:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.92:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.3.0:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.3.1:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.4.0:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.4.1:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.4.2:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.4.3:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.4.4:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.4.5:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.4.6:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.5.0:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.5.1:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.5.2:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.5.3:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.6.0:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.6.1:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.6.2:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.7.0:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.7.2:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.8.0:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.8.1:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.8.2:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.8.4:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.8.5:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.8.6:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.9.2:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.9.3:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.9.4:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.9.5:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.9.6:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.9.8a:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.9.9:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.9.10:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:1.0.0:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:1.0.2:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:1.0.3:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:1.0.4:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:1.0.5:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:1.0.6:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:1.1.0:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:1.1.1:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:1.1.2:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:1.1.3:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:1.1.4:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:1.1.5:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:1.1.6:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:1.1.6.1:*:*:*:*:*:*:*

EPSS

Процентиль: 99%

0.86225

Высокий

9.3 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

CVE-2010-3275

ubuntu

больше 14 лет назад

libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an AMV file, related to a "dangling pointer vulnerability."

CVE-2010-3275

debian

больше 14 лет назад

libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows ...

GHSA-2r97-vr7q-6pw9

github

больше 3 лет назад

libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an AMV file, related to a "dangling pointer vulnerability."

EPSS

Процентиль: 99%

0.86225

Высокий

9.3 Critical

CVSS2

Дефекты

CWE-119