CVE-2007-0256

VideoLAN VLC 0.8.6a - Denial of Service via Crafted WMV File

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2007-0256. PoCs published by shinnai.

AI-analyzed exploit summary This exploit generates a malformed WMV file that triggers a denial of service (DoS) in VLC media player 0.8.6a by overflowing a buffer with a large string of 'A' characters. The exploit is straightforward and relies on a crafted file to crash the application.

Description

VideoLAN VLC 0.8.6a allows remote attackers to cause a denial of service (application crash) via a crafted .wmv file.

Exploits (2)

exploitdb WORKING POC VERIFIED
by shinnai · pythondoswindows
https://www.exploit-db.com/exploits/3119

This exploit generates a malformed WMV file that triggers a denial of service (DoS) in VLC media player 0.8.6a by overflowing a buffer with a large string of 'A' characters. The exploit is straightforward and relies on a crafted file to crash the application.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: VLC media player 0.8.6a
No auth needed
Prerequisites: VLC media player 0.8.6a installed on the target system
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by shinnai · pythondoswindows
https://www.exploit-db.com/exploits/29443

This exploit generates a malformed WMV file that triggers a denial-of-service (DoS) vulnerability in VLC Media Player 0.8.6a by causing a crash when the file is processed. The PoC constructs a file with a crafted header followed by a large buffer of 'A' characters to exploit insufficient input validation.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: VLC Media Player 0.8.6a
No auth needed
Prerequisites: VLC Media Player 0.8.6a installed on the target system · Ability to deliver the malformed WMV file to the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6
Core References
Third Party Advisory x_refsource_confirm
http://wiki.videolan.org/Changelog/0.8.6b
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/22003
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/39022
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14698
Third Party Advisory, VDB Entry x_refsource_misc
http://downloads.securityfocus.com/vulnerabilities/exploits/22003.py
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/31515

Scores

EPSS 0.1152
EPSS Percentile 95.5%

Details

Status published
Products (1)
videolan/vlc_media_player 0.8.6a
Published Jan 16, 2007
Tracked Since Feb 18, 2026