Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2011-0522: Improper Restriction of Operations within the Bounds of a Memory Buffer in VLC Media Player

Severity
6.8 MEDIUM (NVD)
EPSS
66.4%
top 1.46%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Timeline
Published: Feb 7
Latest update: May 17

Description

The StripTags function in (1) the USF decoder (modules/codec/subtitles/subsdec.c) and (2) the Text decoder (modules/codec/subtitles/subsusf.c) in VideoLAN VLC Media Player 1.1 before 1.1.6-rc allows remote attackers to execute arbitrary code via a subtitle with an opening "" in an MKV file, which triggers heap memory corruption, as demonstrated using refined-australia-blu720p-sample.mkv.

CVSS vector

AV:N/AC:M/C:P/I:P/A:P
Exploitability: 8.6 | Impact: 6.4

Affected Packages: 2 packages

Debian: videolan/vlc_media_player < 1.1.3-1squeeze2 +3
NVD: videolan/vlc_media_player, 7 versions +6

🔴Vulnerability Details

3
GHSA
GHSA-fw4m-69v6-35wh: The StripTags function in (1) the USF decoder (modules/codec/subtitles/subsdec | 2022-05-17
OSV
CVE-2011-0522: The StripTags function in (1) the USF decoder (modules/codec/subtitles/subsdec | 2011-02-07
CVEList
CVE-2011-0522: The StripTags function in (1) the USF decoder (modules/codec/subtitles/subsdec | 2011-02-07

💥Exploits & PoCs

1
Exploit-DB
VideoLAN VLC Media Player 1.1 - Subtitle 'StripTags()' Memory Corruption | 2011-02-03

📋Vendor Advisories

1
Debian
CVE-2011-0522: vlc - The StripTags function in (1) the USF decoder (modules/codec/subtitles/subsdec.c... | 2011

💬Community

1
Bugzilla
CVE-2011-4355 gdb: object file .debug_gdb_scripts section improper input validation | 2011-05-09