- Description
- The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
- nvd@nist.gov
- CWE-399
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:miro:miro_player:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D3716EED-983F-4088-8CF0-18EF18D4A9B6",
"versionEndIncluding": "1.1"
},
{
"criteria": "cpe:2.3:a:videolan:vlc_media_player:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A14F15BC-28B2-4DCF-86CC-8213DD66402C",
"versionEndIncluding": "0.8.6d"
}
],
"operator": "OR"
}
]
}
]