CVE-2011-1087
Published: 2011-05-03
Priority P337 · high · 7.6 · CVSS 2.0
AV:N/AC:H/Au:N/C:C/I:C/A:C
EPSS: 8.07% (94.1th percentile)
Buffer overflow in VideoLAN VLC media player 1.0.5 allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .mp3 file that is played during bookmark creation.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | vlc | < vlc 1.1.10-1 (bookworm) | vlc 1.1.10-1 (bookworm) |
| videolan | vlc_media_player | — | — |
| videolan | vlc_media_player | >= 0 < 1.1.10-1 | 1.1.10-1 |
| videolan | vlc_media_player | >= 0 < 1.1.10-1 | 1.1.10-1 |
| videolan | vlc_media_player | >= 0 < 1.1.10-1 | 1.1.10-1 |
| videolan | vlc_media_player | >= 0 < 1.1.10-1 | 1.1.10-1 |
CVSS provenance
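| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 7.6 | HIGH | AV:N/AC:H/Au:N/C:C/I:C/A:C |
| osv | — | 7.6 | HIGH | — |
| vendor_debian | — | 7.6 | LOW | — |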
GHSA
GHSA-qvq4-69gg-r8gx: Buffer overflow in VideoLAN VLC media player 1
ghsa_unreviewed·2022-05-17
CVE-2011-1087 [HIGH] CWE-119 GHSA-qvq4-69gg-r8gx: Buffer overflow in VideoLAN VLC media player 1
OSV
CVE-2011-1087: Buffer overflow in VideoLAN VLC media player 1
osv·2011-05-03·CVSS 7.6
CVE-2011-1087 [HIGH] CVE-2011-1087: Buffer overflow in VideoLAN VLC media player 1
Debian
CVE-2011-1087: vlc - Buffer overflow in VideoLAN VLC media player 1.0.5 allows user-assisted remote a...
vendor_debian·2011·CVSS 7.6
CVE-2011-1087 [HIGH] CVE-2011-1087: vlc - Buffer overflow in VideoLAN VLC media player 1.0.5 allows user-assisted remote a...
Scope: local
bookworm: resolved (fixed in 1.1.10-1)
bullseye: resolved (fixed in 1.1.10-1)
forky: resolved (fixed in 1.1.10-1)
sid: resolved (fixed in 1.1.10-1)
trixie: resolved (fixed in 1.1.10-1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
References
http://openwall.com/lists/oss-security/2011/03/02/3
http://openwall.com/lists/oss-security/2011/03/03/8
http://openwall.com/lists/oss-security/2011/03/03/9
http://openwall.com/lists/oss-security/2011/03/28/7
http://secunia.com/advisories/38853
http://www.osvdb.org/62728
http://www.securityfocus.com/bid/38569
http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4931.php
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14532