Home

CVE-2013-1868

Description

Multiple buffer overflows in VideoLAN VLC media player 2.0.4 and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to the (1) freetype renderer and (2) HTML subtitle parser.

Risk Information

Base Score
9.8
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
50.657

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in VLC Media Player (MSI) (x64) 2.0.0Windows
Multiple Vulnerabilities are affected in VLC media player (MSI) 2.0.0Windows
Multiple Vulnerabilities are affected in VLC Media Player (MSI) (x64) 2.0.1Windows
Multiple Vulnerabilities are affected in VLC media player (MSI) 2.0.1Windows
Multiple Vulnerabilities are affected in VLC Media Player (MSI) (x64) 2.0.3Windows
Multiple Vulnerabilities are affected in VLC media player (MSI) 2.0.3Windows
Multiple Vulnerabilities are affected in VLC Media Player (MSI) (x64) 2.0.2Windows
Multiple Vulnerabilities are affected in VLC Media Player (MSI) (x64) 2.0.4Windows
Multiple Vulnerabilities are affected in VLC media player (MSI) 2.0.2Windows
Multiple Vulnerabilities are affected in VLC media player (MSI) 2.0.4Windows
vlc security update(DSA-3150-1) vlc_2.0.3-5+deb7u2+b1_i386.debLinux

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-334048VLC media player (MSI) (x64) (3.0.20.0)
PATCH-334050VLC media player (MSI) (3.0.20.0)
PATCH-334048VLC media player (MSI) (x64) (3.0.20.0)
PATCH-334050VLC media player (MSI) (3.0.20.0)
PATCH-334048VLC media player (MSI) (x64) (3.0.20.0)
PATCH-334050VLC media player (MSI) (3.0.20.0)
PATCH-334048VLC media player (MSI) (x64) (3.0.20.0)
PATCH-334048VLC media player (MSI) (x64) (3.0.20.0)
PATCH-334050VLC media player (MSI) (3.0.20.0)
PATCH-334050VLC media player (MSI) (3.0.20.0)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234