CVE-2012-1776
VLC media player < 2.0.1 - Remote Code Execution via Crafted Real RTSP Stream
Title source: llmDescription
Multiple heap-based buffer overflows in VideoLAN VLC media player before 2.0.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Real RTSP stream.
References (5)
Core 5
Core References
Vendor Advisory x_refsource_confirm
http://www.videolan.org/security/sa1202.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/74118
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/52550
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/80189
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14817
Scores
EPSS
0.0527
EPSS Percentile
91.6%
Details
CWE
CWE-119
Status
published
Products (48)
videolan/vlc_media_player
0.1.99a
videolan/vlc_media_player
0.1.99b
videolan/vlc_media_player
0.1.99c
videolan/vlc_media_player
0.1.99d
videolan/vlc_media_player
0.1.99e
videolan/vlc_media_player
0.1.99f
videolan/vlc_media_player
0.1.99g
videolan/vlc_media_player
0.1.99h
videolan/vlc_media_player
0.1.99i
videolan/vlc_media_player
0.2.0
... and 38 more
Published
Mar 19, 2012
Tracked Since
Feb 18, 2026