CVE-2010-0364

VideoLAN VLC Media Player 0.8.6 - Stack-Based Buffer Overflow via Crafted Advanced SubStation Alpha Subtitle

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-0364. PoCs published by fl0 fl0w.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in VLC 0.6.8 by crafting a malicious .ASS subtitle file and an OGG file. It uses a structured approach to overwrite EIP and execute shellcode for remote code execution.

Description

Stack-based buffer overflow in VideoLAN VLC Media Player 0.8.6 allows user-assisted remote attackers to execute arbitrary code via an ogg file with a crafted Advanced SubStation Alpha Subtitle (.ass) file, probably involving the Dialogue field.

Exploits (1)

exploitdb WORKING POC VERIFIED
by fl0 fl0w · clocalwindows
https://www.exploit-db.com/exploits/11174

This exploit targets a buffer overflow vulnerability in VLC 0.6.8 by crafting a malicious .ASS subtitle file and an OGG file. It uses a structured approach to overwrite EIP and execute shellcode for remote code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: VLC 0.6.8
No auth needed
Prerequisites: VLC 0.6.8 installed on a Windows system · Ability to deliver malicious .ASS and OGG files to the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/55717
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/37832
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14342
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/11174

Scores

EPSS 0.0658
EPSS Percentile 92.9%

Details

CWE
CWE-119
Status published
Products (1)
videolan/vlc_media_player 0.8.6
Published Jan 21, 2010
Tracked Since Feb 18, 2026