Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.6
CVSSv2

CVE-2008-2147

Published: 12/05/2008 Updated: 07/11/2023
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
VMScore: 409
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Videolan

Vulnerability Summary

Untrusted search path vulnerability in VideoLAN VLC prior to 0.9.0 allows local users to execute arbitrary code via a malicious library under the modules/ or plugins/ subdirectories of the current working directory.

Vulnerable Product Search on Vulmon Subscribe to Product

videolan vlc 0.8.0

videolan vlc 0.8.5

videolan vlc 0.7.0

videolan vlc 0.4.6

videolan vlc 0.8.4

videolan vlc 0.8.6b

videolan vlc 0.5.3

videolan vlc 0.6.0

videolan vlc 0.8.6c

videolan vlc 0.7.1

videolan vlc 0.6.1

videolan vlc 0.6.2

videolan vlc 0.5.2

videolan vlc 0.5.1a

videolan vlc 0.8.1

videolan vlc 0.8.6d

videolan vlc 0.5.0

videolan vlc 0.8.6e

videolan vlc 0.5.1

videolan vlc 0.7.2

videolan vlc

videolan vlc 0.8.2

videolan vlc 0.8.4a

videolan vlc 0.8.6a

Vendor Advisories

Debian CVElist Bug Report Logs: vlc: CVE-2008-2147 untrusted search path vulnerability for module library
Debian Bug report logs - #480724 vlc: CVE-2008-2147 untrusted search path vulnerability for module library Package: vlc; Maintainer for vlc is Debian Multimedia Maintainers <debian-multimedia@listsdebianorg>; Source for vlc is src:vlc (PTS, buildd, popcon) Reported by: Nico Golde <nion@debianorg> Date: Sun, 11 May ...
Debian Security Advisories: DSA-1819-1 vlc -- several vulnerabilities
Several vulnerabilities have been discovered in vlc, a multimedia player and streamer The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-1768 Drew Yao discovered that multiple integer overflows in the MP4 demuxer, Real demuxer and Cinepak codec can lead to the execution of arbitrary code CVE-2008-1769 Dr ...

References

CWE-264http://trac.videolan.org/vlc/ticket/1578http://secunia.com/advisories/31317http://security.gentoo.org/glsa/glsa-200807-13.xmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/42377http://git.videolan.org/?p=vlc.git%3Ba=commit%3Bh=c7cef4fdd8dd72ce0a45be3cda8ba98df5e83181https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=480724https://nvd.nist.govhttps://www.debian.org/security/./dsa-1819
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversalCVE-2024-26978CVE-2024-26982wirelessCVE-2023-6949CVE-2024-26980CVE-2024-32766CVE-2024-26939cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook