5

CVE-2007-6683

Exploit
The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via (1) the :demuxdump-file option in a filename in a playlist, or (2) a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
VideolanVlc Version0.8.6d
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.78% 0.845
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/29284
http://secunia.com/advisories/29766
http://www.debian.org/security/2008/dsa-1543
http://www.gentoo.org/security/en/glsa/glsa-200803-13.xml
http://mailman.videolan.org/pipermail/vlc-devel/2007-December/037726.html
Exploit
http://osvdb.org/42205
http://osvdb.org/42206
http://www.securityfocus.com/bid/28712
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14619
https://trac.videolan.org/vlc/changeset/23197
https://trac.videolan.org/vlc/ticket/1371