Published: 06/12/2007 Updated: 15/10/2018

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 685

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

A certain ActiveX control in axvlc.dll in VideoLAN VLC 0.8.6 prior to 0.8.6d allows remote malicious users to execute arbitrary code via crafted arguments to the (1) addTarget, (2) getVariable, or (3) setVariable function, resulting from a "bad initialized pointer," aka a "recursive plugin release vulnerability."

Vulnerable Product	Search on Vulmon	Subscribe to Product
videolan vlc media player 0.8.6b
videolan vlc media player 0.8.6
videolan vlc media player 0.8.6a

<!-- Core Security Technologiess - CoreLabs Advisory wwwcoresecuritycom/corelabs VLC Activex Bad Pointer Initialization Vulnerability *Advisory Information* Title: VLC Activex Bad Pointer Initialization Vulnerability Advisory ID: CORE-2007-1004 Advisory URL: wwwcoresecuritycom/?action=item&id=2035 D ...

CWE-119 http://www.coresecurity.com/?action=item&id=2035 http://www.videolan.org/sa0703.html http://www.securityfocus.com/bid/26675 http://secunia.com/advisories/27878 http://securityreason.com/securityalert/3420 http://www.vupen.com/english/advisories/2007/4061 https://exchange.xforce.ibmcloud.com/vulnerabilities/38816 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14280 http://www.securityfocus.com/archive/1/484563/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/4688/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-6262

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect