CVE-2012-1776

VLC media player < 2.0.1 - Remote Code Execution via Crafted Real RTSP Stream

Title source: llm
STIX 2.1

Description

Multiple heap-based buffer overflows in VideoLAN VLC media player before 2.0.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Real RTSP stream.

References (5)

Core 5
Core References
Vendor Advisory x_refsource_confirm
http://www.videolan.org/security/sa1202.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/74118
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/52550
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/80189
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14817

Scores

EPSS 0.0527
EPSS Percentile 91.6%

Details

CWE
CWE-119
Status published
Products (48)
videolan/vlc_media_player 0.1.99a
videolan/vlc_media_player 0.1.99b
videolan/vlc_media_player 0.1.99c
videolan/vlc_media_player 0.1.99d
videolan/vlc_media_player 0.1.99e
videolan/vlc_media_player 0.1.99f
videolan/vlc_media_player 0.1.99g
videolan/vlc_media_player 0.1.99h
videolan/vlc_media_player 0.1.99i
videolan/vlc_media_player 0.2.0
... and 38 more
Published Mar 19, 2012
Tracked Since Feb 18, 2026