CVE-2008-2147

Published May 12, 2008

Last updated a year ago

CVSS info 4.6

Overview

Description: Untrusted search path vulnerability in VideoLAN VLC before 0.9.0 allows local users to execute arbitrary code via a malicious library under the modules/ or plugins/ subdirectories of the current working directory.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.6
Impact score: 6.4
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-264

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:videolan:vlc:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C5ACEC7-D436-49F2-821B-EE4B1D982A55",
            "versionEndIncluding": "0.8.6"
          },
          {
            "criteria": "cpe:2.3:a:videolan:vlc:0.4.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8CBF1B20-1478-472C-B9A1-974A7A5333C6"
          },
          {
            "criteria": "cpe:2.3:a:videolan:vlc:0.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C29EDDF9-DE90-4AA7-8454-D42B4C37ECF0"
          },
          {
            "criteria": "cpe:2.3:a:videolan:vlc:0.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "02AF1C9A-FD6F-4CA4-8275-8B7655F861F2"
          },
          {
            "criteria": "cpe:2.3:a:videolan:vlc:0.5.1a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "26768501-C17C-4ABF-AB47-D4BE2C902D51"
          },
          {
            "criteria": "cpe:2.3:a:videolan:vlc:0.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B56B15F-7504-4D55-8C31-1C28F1A8129D"
          },
          {
            "criteria": "cpe:2.3:a:videolan:vlc:0.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C6BB497-20F6-4CCB-A24E-7228BE68CA5B"
          },
          {
            "criteria": "cpe:2.3:a:videolan:vlc:0.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0D2855B3-D0ED-4C8E-95A0-151E88F95057"
          },
          {
            "criteria": "cpe:2.3:a:videolan:vlc:0.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "56B90DCE-2EA9-49AA-9F63-0515C751E821"
          },
          {
            "criteria": "cpe:2.3:a:videolan:vlc:0.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "34C4F8C4-EEA4-4369-BBC8-C726059C8852"
          },
          {
            "criteria": "cpe:2.3:a:videolan:vlc:0.7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C2821324-7A44-40CD-95B8-F4B5B09E6D69"
          },
          {
            "criteria": "cpe:2.3:a:videolan:vlc:0.7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A98AC34-2FAB-4CAE-9D14-B4E11CC2AFB3"
          },
          {
            "criteria": "cpe:2.3:a:videolan:vlc:0.7.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "347E213C-83AF-4F98-8096-2113E00C1BC4"
          },
          {
            "criteria": "cpe:2.3:a:videolan:vlc:0.8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A26753D-44F2-49F6-8486-1DD61297C037"
          },
          {
            "criteria": "cpe:2.3:a:videolan:vlc:0.8.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "67C2B1C1-1606-411D-A9CA-D1A654FD4133"
          },
          {
            "criteria": "cpe:2.3:a:videolan:vlc:0.8.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28BBBBAF-71F7-4F47-ADE6-FF7B590832E1"
          },
          {
            "criteria": "cpe:2.3:a:videolan:vlc:0.8.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5AC67A7B-21E0-45DA-A70F-EE97079140A7"
          },
          {
            "criteria": "cpe:2.3:a:videolan:vlc:0.8.4a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1062EB82-2A6C-4770-A339-21686FF9E923"
          },
          {
            "criteria": "cpe:2.3:a:videolan:vlc:0.8.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FEA7ECBE-1CAE-47C5-ACC1-F7BBA3946CCA"
          },
          {
            "criteria": "cpe:2.3:a:videolan:vlc:0.8.6a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E85F765-D2DF-41C0-A90F-732861CA32F3"
          },
          {
            "criteria": "cpe:2.3:a:videolan:vlc:0.8.6b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "26981B0C-6A7E-40BA-8F50-0C19870258FE"
          },
          {
            "criteria": "cpe:2.3:a:videolan:vlc:0.8.6c:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "89FAFEE4-35FE-44BE-90DD-1E067A1A2AAA"
          },
          {
            "criteria": "cpe:2.3:a:videolan:vlc:0.8.6d:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "686E1C6D-CDE6-4615-B983-3BCDDDE921AD"
          },
          {
            "criteria": "cpe:2.3:a:videolan:vlc:0.8.6e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6545867A-07ED-4E16-AED0-566C5CCD46FE"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References