4.6
CVE-2008-2147
- EPSS 0.42%
- Veröffentlicht 12.05.2008 20:20:00
- Zuletzt bearbeitet 16.06.2026 22:53:11
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Untrusted search path vulnerability in VideoLAN VLC before 0.9.0 allows local users to execute arbitrary code via a malicious library under the modules/ or plugins/ subdirectories of the current working directory.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.42% | 0.331 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.6 | 3.9 | 6.4 |
AV:L/AC:L/Au:N/C:P/I:P/A:P
|
http://git.videolan.org/?p=vlc.git%3Ba=commit%3Bh=c7cef4fdd8dd72ce0a45be3cda8ba98df5e83181
http://secunia.com/advisories/31317
http://security.gentoo.org/glsa/glsa-200807-13.xml
http://trac.videolan.org/vlc/ticket/1578
https://exchange.xforce.ibmcloud.com/vulnerabilities/42377