Shodan
Vulnerabilities
Vulnerable Software
Videolan:  >> Vlc Media Player  >> 0.8.6a  Security Vulnerabilities
CVE-2008-0295
Heap-based buffer overflow in modules/access/rtsp/real_sdpplin.c in the Xine library, as used in VideoLAN VLC Media Player 0.8.6d and earlier, allows user-assisted remote attackers to cause a denial of service (crash) or execute arbitrary code via long Session Description Protocol (SDP) data.
CVSS Score
8.5
EPSS Score
0.252
Published
2008-01-16
CVE-2008-0296
Heap-based buffer overflow in the libaccess_realrtsp plugin in VideoLAN VLC Media Player 0.8.6d and earlier on Windows might allow remote RTSP servers to cause a denial of service (application crash) or execute arbitrary code via a long string.
CVSS Score
10.0
EPSS Score
0.09
Published
2008-01-16
CVE-2007-6262
A certain ActiveX control in axvlc.dll in VideoLAN VLC 0.8.6 before 0.8.6d allows remote attackers to execute arbitrary code via crafted arguments to the (1) addTarget, (2) getVariable, or (3) setVariable function, resulting from a "bad initialized pointer," aka a "recursive plugin release vulnerability."
CVSS Score
6.8
EPSS Score
0.196
Published
2007-12-06
CVE-2007-3467
Integer overflow in the __status_Update function in stats.c VideoLAN VLC Media Player before 0.8.6c allows remote attackers to cause a denial of service (crash) via a WAV file with a large sample rate.
CVSS Score
7.8
EPSS Score
0.012
Published
2007-06-27
CVE-2007-3468
input.c in VideoLAN VLC Media Player before 0.8.6c allows remote attackers to cause a denial of service (crash) via a crafted WAV file that causes an uninitialized i_nb_resamplers variable to be used.
CVSS Score
7.8
EPSS Score
0.012
Published
2007-06-27
CVE-2007-3316
Multiple format string vulnerabilities in plugins in VideoLAN VLC Media Player before 0.8.6c allow remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in (1) an Ogg/Vorbis file, (2) an Ogg/Theora file, (3) a CDDB entry for a CD Digital Audio (CDDA) file, or (4) Service Announce Protocol (SAP) multicast packets.
CVSS Score
9.3
EPSS Score
0.462
Published
2007-06-21
CVE-2007-0256
VideoLAN VLC 0.8.6a allows remote attackers to cause a denial of service (application crash) via a crafted .wmv file.
CVSS Score
7.8
EPSS Score
0.259
Published
2007-01-16


Products
Pricing
Contact Us

Shodan ® - All rights reserved