CVE-2010-3276
published 2011-03-28CVE-2010-3276: libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an NSV file.
PriorityP349critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
7.46%
93.7th percentile
libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an NSV file.
Affected
75 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | vlc | < vlc 1.1.8-1 (bookworm) | vlc 1.1.8-1 (bookworm) |
| videolan | vlc_media_player | <= 1.1.7 | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | — | — |
CVSS provenance
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
osv9.3CRITICAL
vendor_debian9.3CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-7gp9-qpvg-436r: libdirectx_plugin
ghsa_unreviewed·2022-05-14
CVE-2010-3276 [HIGH] CWE-119 GHSA-7gp9-qpvg-436r: libdirectx_plugin
libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an NSV file.
OSV
CVE-2010-3276: libdirectx_plugin
osv·2011-03-28·CVSS 9.3
CVE-2010-3276 [CRITICAL] CVE-2010-3276: libdirectx_plugin
libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an NSV file.
Debian
CVE-2010-3276: vlc - libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote at...
vendor_debian·2010·CVSS 9.3
CVE-2010-3276 [CRITICAL] CVE-2010-3276: vlc - libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote at...
libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an NSV file.
Scope: local
bookworm: resolved (fixed in 1.1.8-1)
bullseye: resolved (fixed in 1.1.8-1)
forky: resolved (fixed in 1.1.8-1)
sid: resolved (fixed in 1.1.8-1)
trixie: resolved (fixed in 1.1.8-1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://secunia.com/advisories/43826http://securityreason.com/securityalert/8162http://securitytracker.com/id?1025250http://www.coresecurity.com/content/vlc-vulnerabilities-amv-nsv-fileshttp://www.debian.org/security/2011/dsa-2211http://www.osvdb.org/71278http://www.securityfocus.com/archive/1/517150/100/0/threadedhttp://www.securityfocus.com/bid/47012http://www.videolan.org/vlc/releases/1.1.8.htmlhttp://www.vupen.com/english/advisories/2011/0759https://exchange.xforce.ibmcloud.com/vulnerabilities/66260https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14873http://secunia.com/advisories/43826http://securityreason.com/securityalert/8162http://securitytracker.com/id?1025250http://www.coresecurity.com/content/vlc-vulnerabilities-amv-nsv-fileshttp://www.debian.org/security/2011/dsa-2211http://www.osvdb.org/71278http://www.securityfocus.com/archive/1/517150/100/0/threadedhttp://www.securityfocus.com/bid/47012http://www.videolan.org/vlc/releases/1.1.8.htmlhttp://www.vupen.com/english/advisories/2011/0759https://exchange.xforce.ibmcloud.com/vulnerabilities/66260https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14873
2011-03-28
Published