CVE-2010-0364

Videolan Vlc Media Player - Memory Corruption

Title source: rule

Description

Stack-based buffer overflow in VideoLAN VLC Media Player 0.8.6 allows user-assisted remote attackers to execute arbitrary code via an ogg file with a crafted Advanced SubStation Alpha Subtitle (.ass) file, probably involving the Dialogue field.

Exploits (1)

exploitdb WORKING POC VERIFIED

by fl0 fl0w · clocalwindows

https://www.exploit-db.com/exploits/11174

View Code ZIP pw:eip

References (4)

[Exploit] http://www.exploit-db.com/exploits/11174

[Exploit] http://www.securityfocus.com/bid/37832

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/55717

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14342

Scores

EPSS 0.0667

EPSS Percentile 91.3%

Details

CWE

CWE-119

Status published

Products (1)

videolan/vlc_media_player 0.8.6

Published Jan 21, 2010

Tracked Since Feb 18, 2026