CVE-2008-0984
Description
The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file.
Risk Information
Base Score
8.6
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C
EPSS Score
Exploitation Probability
26.592
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Update VLC Media Player 0.8.6 to latest version | Windows |
| Update VLC Media Player 0.8.6 (x64) to latest version | Windows |
| Multiple Vulnerabilities are affected in VLC Media Player (MSI) (x64) 0.8.6d | Windows |
| Multiple Vulnerabilities are affected in VLC media player (MSI) 0.8.6d | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-339134 | VLC Media Player (3.0.21) |
| PATCH-339135 | VLC Media Player (X64) (3.0.21) |
| PATCH-334048 | VLC media player (MSI) (x64) (3.0.20.0) |
| PATCH-334050 | VLC media player (MSI) (3.0.20.0) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234