ID CVE-2011-2194
Summary Integer overflow in the XSPF playlist parser in VideoLAN VLC media player 0.8.5 through 1.1.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow.
References
Vulnerable Configurations
  • cpe:2.3:a:videolan:vlc_media_player:0.8.5:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:0.8.5:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.8.6:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:0.8.6:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.8.6a:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:0.8.6a:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.8.6b:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:0.8.6b:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.8.6c:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:0.8.6c:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.8.6d:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:0.8.6d:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.8.6e:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:0.8.6e:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.8.6f:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:0.8.6f:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.8.6g:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:0.8.6g:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.8.6h:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:0.8.6h:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.8.6i:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:0.8.6i:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:0.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:0.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.9.2:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:0.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.9.3:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:0.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.9.4:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:0.9.4:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.9.5:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:0.9.5:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.9.6:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:0.9.6:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.9.8a:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:0.9.8a:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.9.9:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:0.9.9:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.9.9a:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:0.9.9a:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.9.10:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:0.9.10:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:1.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:1.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:1.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:1.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:1.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:1.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:1.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:1.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.1.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:1.1.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:1.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:1.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.1.7:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:1.1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.1.8:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:1.1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.1.9:*:*:*:*:*:*:*
    cpe:2.3:a:videolan:vlc_media_player:1.1.9:*:*:*:*:*:*:*
CVSS
Base: 9.3 (as of 19-09-2017 - 01:32)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
assigner via4 cve@mitre.org
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
oval via4
accepted 2012-11-19T04:00:18.579-05:00
class vulnerability
contributors
  • name Shane Shaffer
    organization G2, Inc.
  • name Shane Shaffer
    organization G2, Inc.
definition_extensions
comment VLC media player is installed
oval oval:org.mitre.oval:def:11821
description Integer overflow in the XSPF playlist parser in VideoLAN VLC media player 0.8.5 through 1.1.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow.
family windows
id oval:org.mitre.oval:def:14774
status accepted
submitted 2012-01-24T15:20:33.178-04:00
title Integer overflow in the XSPF playlist parser in VideoLAN VLC media player 0.8.5 through 1.1.9
version 6
refmap via4
bid 48171
confirm http://www.videolan.org/security/sa1104.html
debian DSA-2257
secunia 44892
vulnerable_product via4
  • cpe:2.3:a:videolan:vlc_media_player:0.8.5:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.8.6:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.8.6a:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.8.6b:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.8.6c:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.8.6d:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.8.6e:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.8.6f:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.8.6g:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.8.6h:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.8.6i:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.9.4:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.9.5:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.9.6:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.9.8a:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.9.9:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.9.9a:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:0.9.10:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.1.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:videolan:vlc_media_player:1.1.9:*:*:*:*:*:*:*
Last major update 19-09-2017 - 01:32
Published 24-06-2011 - 20:55
Back to Top