NVD

Id
15242  
Name
CVE-2010-3907  
Description
Multiple integer overflows in real.c in the Real demuxer plugin in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a zero i_subpackets value in a Real Media file, leading to a heap-based buffer overflow.  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-18  
Published
2011-01-03  
Modified Date
2012-01-27  
Seq
2010-3907  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
85908 15242 CVE-2010-3907 http://git.videolan.org/?p=vlc.git;a=commit;h=6568965770f906d34d4aef83237842a5376adb55  View
85909 15242 CVE-2010-3907 oval:org.mitre.oval:def:13950  View
85910 15242 CVE-2010-3907 http://www.cs.brown.edu/people/drosenbe/research.html  View
85911 15242 CVE-2010-3907 45632  View
85912 15242 CVE-2010-3907 http://www.videolan.org/security/sa1007.html  View
85913 15242 CVE-2010-3907 ADV-2010-3345  View
85914 15242 CVE-2010-3907 vlcmediaplayer-realdemuxer-code-exec(64461)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
37486 JVNDB-2010-003271 VideoLAN VLC Media Player の Real demuxer プラグインにおける整数オーバーフローの脆弱性 VideoLAN VLC Media Player の Real demuxer プラグインには、整数オーバーフローの脆弱性が存在します。 CVE-2010-3907 46487 CVE-2010-3907 15242 9.3 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-003271.html 2010-12-14 2012-03-27 View