CVE-2011-0021

Опубликовано: 25 янв. 2011

Источник: nvd

CVSS2: 9.3

EPSS Средний

Уязвимость переполнения буфера в декодере CDG в VideoLAN VLC Media Player, позволяющая выполнять произвольный код или вызывать аварийное завершение работы приложения

Описание

Несколько переполнений буфера в куче в файле cdg.c, который используется декодером CDG в VideoLAN VLC Media Player (версии до 1.1.6), позволяют злоумышленникам вызвать DoS атаку (аварийное завершение работы приложения) или, возможно, выполнить произвольный код через специально сформированное CDG видео.

Затронутые версии ПО

VideoLAN VLC Media Player версии до 1.1.6

Тип уязвимости

Выполнение произвольного кода
DoS атака

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:videolan:vlc_media_player:*:*:*:*:*:*:*:*

Версия до 1.1.5 (включая)

cpe:2.3:a:videolan:vlc_media_player:0.1.99b:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.1.99e:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.1.99f:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.1.99g:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.1.99h:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.1.99i:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.0:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.60:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.61:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.62:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.63:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.70:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.71:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.72:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.73:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.80:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.81:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.82:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.83:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.90:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.91:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.2.92:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.3.0:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.3.1:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.4.0:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.4.1:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.4.2:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.4.3:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.4.4:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.4.5:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.4.6:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.5.0:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.5.1:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.5.2:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.5.3:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.6.0:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.6.1:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.6.2:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.7.0:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.7.2:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.8.0:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.8.1:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.8.2:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.8.4:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.8.5:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.8.6:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.9.2:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.9.3:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.9.4:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.9.5:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.9.6:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.9.8a:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.9.9:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:0.9.10:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:1.0.0:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:1.0.2:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:1.0.3:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:1.0.4:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:1.0.5:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:1.0.6:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:1.1.0:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:1.1.1:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:1.1.2:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:1.1.3:*:*:*:*:*:*:*

cpe:2.3:a:videolan:vlc_media_player:1.1.4:*:*:*:*:*:*:*

EPSS

Процентиль: 93%

0.10313

Средний

9.3 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

CVE-2011-0021

ubuntu

почти 15 лет назад

Multiple heap-based buffer overflows in cdg.c in the CDG decoder in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted CDG video.

CVE-2011-0021

debian

почти 15 лет назад

Multiple heap-based buffer overflows in cdg.c in the CDG decoder in Vi ...

GHSA-62w2-x3mc-cwxp

github

больше 3 лет назад

EPSS

Процентиль: 93%

0.10313

Средний

9.3 Critical

CVSS2

Дефекты

CWE-119