Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2012-1775Improper Restriction of Operations within the Bounds of a Memory Buffer in VLC Media Player

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer6 documents6 sources
Severity
9.3CRITICALNVD
EPSS
72.9%
top 1.22%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Videolan VLC Media Player
Timeline
PublishedMar 19
Latest updateMay 17

Description

Stack-based buffer overflow in VideoLAN VLC media player before 2.0.1 allows remote attackers to execute arbitrary code via a crafted MMS:// stream.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

Debianvideolan/vlc_media_player< 2.0.1-1+3

🔴Vulnerability Details

3
GHSA
GHSA-wfww-jfjj-vf3f: Stack-based buffer overflow in VideoLAN VLC media player before 22022-05-17
OSV
CVE-2012-1775: Stack-based buffer overflow in VideoLAN VLC media player before 22012-03-19
CVEList
CVE-2012-1775: Stack-based buffer overflow in VideoLAN VLC media player before 22012-03-19

💥Exploits & PoCs

1
Exploit-DB
VideoLAN VLC Media Player 2.0.0 - Mms Stream Handling Buffer Overflow (Metasploit)2012-05-03

📋Vendor Advisories

1
Debian
CVE-2012-1775: vlc - Stack-based buffer overflow in VideoLAN VLC media player before 2.0.1 allows rem...2012
CVE-2012-1775 — Videolan VLC Media Player vulnerability | cvebase