Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2010-3275

Published: 28/03/2011 Updated: 10/10/2018
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 935
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Vlc Media Player

Vulnerability Summary

libdirectx_plugin.dll in VideoLAN VLC Media Player prior to 1.1.8 allows remote malicious users to execute arbitrary code via a crafted width in an AMV file, related to a "dangling pointer vulnerability."

Vulnerable Product Search on Vulmon Subscribe to Product

videolan vlc media player 0.4.1

videolan vlc media player 0.2.83

videolan vlc media player 0.2.82

videolan vlc media player 0.2.63

videolan vlc media player 0.2.70

videolan vlc media player 0.4.3

videolan vlc media player 0.4.2

videolan vlc media player 0.2.62

videolan vlc media player 0.2.61

videolan vlc media player 0.5.3

videolan vlc media player 0.7.0

videolan vlc media player 0.6.2

videolan vlc media player 0.8.6

videolan vlc media player 0.9.10

videolan vlc media player 0.9.9

videolan vlc media player 1.0.0

videolan vlc media player 1.1.3

videolan vlc media player 1.0.5

videolan vlc media player 0.3.0

videolan vlc media player 0.2.92

videolan vlc media player 0.2.73

videolan vlc media player 0.5.1

videolan vlc media player 0.4.6

videolan vlc media player 0.1.99i

videolan vlc media player 0.1.99h

videolan vlc media player 0.1.99e

videolan vlc media player 0.1.99b

videolan vlc media player 0.8.1

videolan vlc media player 0.8.2

videolan vlc media player 0.9.4

videolan vlc media player 0.9.5

videolan vlc media player 1.0.2

videolan vlc media player 1.0.4

videolan vlc media player 1.1.5

videolan vlc media player 1.1.6

videolan vlc media player 0.2.90

videolan vlc media player 0.2.91

videolan vlc media player 0.2.71

videolan vlc media player 0.2.72

videolan vlc media player 0.4.5

videolan vlc media player 0.4.4

videolan vlc media player 0.2.0

videolan vlc media player 0.2.60

videolan vlc media player 0.7.2

videolan vlc media player 0.8.0

videolan vlc media player 0.9.2

videolan vlc media player 0.9.3

videolan vlc media player 1.0.1

videolan vlc media player 1.0.3

videolan vlc media player 1.0.6

videolan vlc media player 1.1.4

videolan vlc media player 0.3.1

videolan vlc media player 0.4.0

videolan vlc media player 0.2.80

videolan vlc media player 0.2.81

videolan vlc media player 0.6.1

videolan vlc media player 0.5.2

videolan vlc media player 0.1.99g

videolan vlc media player 0.1.99f

videolan vlc media player 0.5.0

videolan vlc media player 0.6.0

videolan vlc media player 0.8.4

videolan vlc media player 0.8.5

videolan vlc media player 0.9.6

videolan vlc media player 0.9.8a

videolan vlc media player 1.1.0

videolan vlc media player 1.1.1

videolan vlc media player 1.1.2

videolan vlc media player

videolan vlc media player 1.1.6.1

Exploits

Exploit DB: VideoLAN VLC Media Player 1.1.4 - 'AMV' Dangling Pointer (Metasploit)
## # $Id: vlc_amvrb 12140 2011-03-26 00:07:36Z sinn3r $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class Metasp ...
Exploit DB: VLC AMV Dangling Pointer Vulnerability
This Metasploit module exploits VLC media player when handling a AMV file By flipping the 0x41st byte in the file format (video width/height), VLC crashes due to an invalid pointer, which allows remote attackers to gain arbitrary code execution The vulnerable packages include: VLC 114 VLC 115 VLC 116 VLC 117 ...

References

CWE-119http://www.securityfocus.com/bid/47012http://www.metasploit.com/modules/exploit/windows/browser/vlc_amvhttp://www.vupen.com/english/advisories/2011/0759http://www.videolan.org/vlc/releases/1.1.8.htmlhttp://www.osvdb.org/71277http://secunia.com/advisories/43826http://www.exploit-db.com/exploits/17048http://www.coresecurity.com/content/vlc-vulnerabilities-amv-nsv-fileshttp://securitytracker.com/id?1025250http://www.debian.org/security/2011/dsa-2211http://securityreason.com/securityalert/8162https://exchange.xforce.ibmcloud.com/vulnerabilities/66259https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14718http://www.securityfocus.com/archive/1/517150/100/0/threadedhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/17048/
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-29895injectCVE-2023-52689CVE-2024-5049CVE-2024-5051privilege escalationphysicalCVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook