CVE-2010-3275

VideoLAN VLC Media Player <1.1.8 - RCE

Title source: llm

Description

libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an AMV file, related to a "dangling pointer vulnerability."

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/17048

View Code ZIP pw:eip

metasploit WORKING POC GOOD

by sinn3r · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/vlc_amv.rb

View Code ZIP pw:eip

References (14)

[Vendor Advisory] http://secunia.com/advisories/43826

[Various Sources] http://www.coresecurity.com/content/vlc-vulnerabilities-amv-nsv-files

[Exploit] http://www.exploit-db.com/exploits/17048

[Exploit] http://www.metasploit.com/modules/exploit/windows/browser/vlc_amv

[Third Party Advisory, VDB Entry] http://www.osvdb.org/71277

[Exploit] http://www.securityfocus.com/bid/47012

[Patch] http://www.videolan.org/vlc/releases/1.1.8.html

[Vendor Advisory] http://www.vupen.com/english/advisories/2011/0759

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/66259

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/517150/100/0/threaded

[Third Party Advisory] http://www.debian.org/security/2011/dsa-2211

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14718

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1025250

[Third Party Advisory] http://securityreason.com/securityalert/8162

Scores

EPSS 0.8622

EPSS Percentile 99.4%

Details

CWE

CWE-119

Status published

Products (50)

videolan/vlc_media_player 0.1.99b

videolan/vlc_media_player 0.1.99e

videolan/vlc_media_player 0.1.99f

videolan/vlc_media_player 0.1.99g

videolan/vlc_media_player 0.1.99h

videolan/vlc_media_player 0.1.99i

videolan/vlc_media_player 0.2.0

videolan/vlc_media_player 0.2.60

videolan/vlc_media_player 0.2.61

videolan/vlc_media_player 0.2.62

... and 40 more

Published Mar 28, 2011

Tracked Since Feb 18, 2026