Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-6681Improper Restriction of Operations within the Bounds of a Memory Buffer in VLC

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer7 documents6 sources
Severity
7.5HIGHNVD
EPSS
39.0%
top 2.72%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Videolan VLC Media PlayerVideolan VLC
Timeline
PublishedJan 17
Latest updateMay 1

Description

Stack-based buffer overflow in modules/demux/subtitle.c in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via a long subtitle in a (1) MicroDvd, (2) SSA, and (3) Vplayer file.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

Debianvideolan/vlc_media_player< 0.8.6.c-4.1+3
NVDvideolan/vlc0.8.6d

🔴Vulnerability Details

3
GHSA
GHSA-rpgr-7f6v-4qmq: Stack-based buffer overflow in modules/demux/subtitle2022-05-01
CVEList
CVE-2007-6681: Stack-based buffer overflow in modules/demux/subtitle2008-01-17
OSV
CVE-2007-6681: Stack-based buffer overflow in modules/demux/subtitle2008-01-17

💥Exploits & PoCs

2
Exploit-DB
VideoLAN VLC Media Player 0.8.6d SSA Parsing Double Sh311 - Universal2008-05-23
Exploit-DB
Kantaris 0.3.4 - SSA Subtitle Local Buffer Overflow2008-04-25

📋Vendor Advisories

1
Debian
CVE-2007-6681: vlc - Stack-based buffer overflow in modules/demux/subtitle.c in VideoLAN VLC 0.8.6d a...2007
CVE-2007-6681 — Videolan VLC vulnerability | cvebase