9.3
CVE-2011-0531
- EPSS 41.58%
- Veröffentlicht 07.02.2011 21:00:16
- Zuletzt bearbeitet 16.06.2026 23:27:34
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
demux/mkv/mkv.hpp in the MKV demuxer plugin in VideoLAN VLC media player 1.1.6.1 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary commands via a crafted MKV (WebM or Matroska) file that triggers memory corruption, related to "class mismatching" and the MKV_IS_ID macro.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Videolan ≫ Vlc Media Player Version <= 1.1.6.1
Videolan ≫ Vlc Media Player Version0.1.99b
Videolan ≫ Vlc Media Player Version0.1.99e
Videolan ≫ Vlc Media Player Version0.1.99f
Videolan ≫ Vlc Media Player Version0.1.99g
Videolan ≫ Vlc Media Player Version0.1.99h
Videolan ≫ Vlc Media Player Version0.1.99i
Videolan ≫ Vlc Media Player Version0.2.0
Videolan ≫ Vlc Media Player Version0.2.60
Videolan ≫ Vlc Media Player Version0.2.61
Videolan ≫ Vlc Media Player Version0.2.62
Videolan ≫ Vlc Media Player Version0.2.63
Videolan ≫ Vlc Media Player Version0.2.70
Videolan ≫ Vlc Media Player Version0.2.71
Videolan ≫ Vlc Media Player Version0.2.72
Videolan ≫ Vlc Media Player Version0.2.73
Videolan ≫ Vlc Media Player Version0.2.80
Videolan ≫ Vlc Media Player Version0.2.81
Videolan ≫ Vlc Media Player Version0.2.82
Videolan ≫ Vlc Media Player Version0.2.83
Videolan ≫ Vlc Media Player Version0.2.90
Videolan ≫ Vlc Media Player Version0.2.91
Videolan ≫ Vlc Media Player Version0.2.92
Videolan ≫ Vlc Media Player Version0.3.0
Videolan ≫ Vlc Media Player Version0.3.1
Videolan ≫ Vlc Media Player Version0.4.0
Videolan ≫ Vlc Media Player Version0.4.1
Videolan ≫ Vlc Media Player Version0.4.2
Videolan ≫ Vlc Media Player Version0.4.3
Videolan ≫ Vlc Media Player Version0.4.4
Videolan ≫ Vlc Media Player Version0.4.5
Videolan ≫ Vlc Media Player Version0.4.6
Videolan ≫ Vlc Media Player Version0.5.0
Videolan ≫ Vlc Media Player Version0.5.1
Videolan ≫ Vlc Media Player Version0.5.2
Videolan ≫ Vlc Media Player Version0.5.3
Videolan ≫ Vlc Media Player Version0.6.0
Videolan ≫ Vlc Media Player Version0.6.1
Videolan ≫ Vlc Media Player Version0.6.2
Videolan ≫ Vlc Media Player Version0.7.0
Videolan ≫ Vlc Media Player Version0.7.2
Videolan ≫ Vlc Media Player Version0.8.0
Videolan ≫ Vlc Media Player Version0.8.1
Videolan ≫ Vlc Media Player Version0.8.2
Videolan ≫ Vlc Media Player Version0.8.4
Videolan ≫ Vlc Media Player Version0.8.5
Videolan ≫ Vlc Media Player Version0.8.6
Videolan ≫ Vlc Media Player Version0.9.2
Videolan ≫ Vlc Media Player Version0.9.3
Videolan ≫ Vlc Media Player Version0.9.4
Videolan ≫ Vlc Media Player Version0.9.5
Videolan ≫ Vlc Media Player Version0.9.6
Videolan ≫ Vlc Media Player Version0.9.8a
Videolan ≫ Vlc Media Player Version0.9.9
Videolan ≫ Vlc Media Player Version0.9.10
Videolan ≫ Vlc Media Player Version1.0.0
Videolan ≫ Vlc Media Player Version1.0.1
Videolan ≫ Vlc Media Player Version1.0.2
Videolan ≫ Vlc Media Player Version1.0.3
Videolan ≫ Vlc Media Player Version1.0.4
Videolan ≫ Vlc Media Player Version1.0.5
Videolan ≫ Vlc Media Player Version1.0.6
Videolan ≫ Vlc Media Player Version1.1.0
Videolan ≫ Vlc Media Player Version1.1.1
Videolan ≫ Vlc Media Player Version1.1.2
Videolan ≫ Vlc Media Player Version1.1.3
Videolan ≫ Vlc Media Player Version1.1.4
Videolan ≫ Vlc Media Player Version1.1.5
Videolan ≫ Vlc Media Player Version1.1.6
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 41.58% | 0.985 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://git.videolan.org/?p=vlc.git%3Ba=commit%3Bh=59491dcedffbf97612d2c572943b56ee4289dd07
http://osvdb.org/70698
http://secunia.com/advisories/43131
http://secunia.com/advisories/43242
http://www.debian.org/security/2011/dsa-2159
http://www.openwall.com/lists/oss-security/2011/01/31/4
http://www.openwall.com/lists/oss-security/2011/01/31/8
http://www.securityfocus.com/bid/46060
http://www.securitytracker.com/id?1025018
http://www.videolan.org/security/sa1102.html
http://www.vupen.com/english/advisories/2011/0363
https://exchange.xforce.ibmcloud.com/vulnerabilities/65045
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12415