Home

CVE-2009-1045

Description

requests/status.xml in VLC 0.9.8a allows remote attackers to cause a denial of service (stack consumption and crash) via a long input argument in an in_play action.

Risk Information

Base Score
8.6
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C
EPSS Score
Exploitation Probability
9.983

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities affected in VLC Media Player (X64) 0.9.8aWindows
Multiple vulnerabilities affected in VLC Media Player 0.9.8aWindows
Multiple Vulnerabilities are affected in VLC Media Player (MSI) (x64) 0.9.8aWindows
Multiple Vulnerabilities are affected in VLC media player (MSI) 0.9.8aWindows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-339135VLC Media Player (X64) (3.0.21)
PATCH-339134VLC Media Player (3.0.21)
PATCH-334048VLC media player (MSI) (x64) (3.0.20.0)
PATCH-334050VLC media player (MSI) (3.0.20.0)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234