CVE-2010-1443 — VLC Media Player vulnerability
5 documents5 sources
Severity
5.0MEDIUMNVD
EPSS
0.5%
top 32.53%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedDec 26
Latest updateMay 2
Description
The parse_track_node function in modules/demux/playlist/xspf.c in the XSPF playlist parser in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty location element in an XML Shareable Playlist Format (XSPF) document.
CVSS vector
AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9
Affected Packages2 packages
🔴Vulnerability Details
3📋Vendor Advisories
1Debianâ–¶
CVE-2010-1443: vlc - The parse_track_node function in modules/demux/playlist/xspf.c in the XSPF playl...↗2010