OpenCVE

Heap-based buffer overflow in the AVI_ChunkRead_strf function in libavi.c in the AVI demuxer in VideoLAN VLC media player before 1.1.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted AVI media file.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Videolan	Vlc Media Player

Configuration 1 [-]

OR	cpe:2.3:a:videolan:vlc_media_player::::::::
	cpe:2.3:a:videolan:vlc_media_player:0.1.99b:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.1.99e:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.1.99f:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.1.99g:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.1.99h:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.1.99i:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.2.0:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.2.60:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.2.61:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.2.62:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.2.63:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.2.70:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.2.71:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.2.72:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.2.73:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.2.80:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.2.81:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.2.82:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.2.83:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.2.90:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.2.91:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.2.92:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.3.0:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.3.1:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.4.0:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.4.1:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.4.2:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.4.3:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.4.4:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.4.5:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.4.6:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.5.0:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.5.1:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.5.2:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.5.3:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.6.0:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.6.1:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.6.2:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.7.0:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.7.2:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.8.0:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.8.1:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.8.2:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.8.4:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.8.5:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.8.6:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.9.2:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.9.3:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.9.4:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.9.5:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.9.6:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.9.8a:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.9.9:::::::*
	cpe:2.3:a:videolan:vlc_media_player:0.9.10:::::::*
	cpe:2.3:a:videolan:vlc_media_player:1.0.0:::::::*
	cpe:2.3:a:videolan:vlc_media_player:1.0.1:::::::*
	cpe:2.3:a:videolan:vlc_media_player:1.0.2:::::::*
	cpe:2.3:a:videolan:vlc_media_player:1.0.3:::::::*
	cpe:2.3:a:videolan:vlc_media_player:1.0.4:::::::*
	cpe:2.3:a:videolan:vlc_media_player:1.0.5:::::::*
	cpe:2.3:a:videolan:vlc_media_player:1.0.6:::::::*
	cpe:2.3:a:videolan:vlc_media_player:1.1.0:::::::*
	cpe:2.3:a:videolan:vlc_media_player:1.1.1:::::::*
cpe:2.3:a:videolan:vlc_media_player:1.1.2:::::::*
cpe:2.3:a:videolan:vlc_media_player:1.1.3:::::::*
cpe:2.3:a:videolan:vlc_media_player:1.1.4:::::::*
cpe:2.3:a:videolan:vlc_media_player:1.1.5:::::::*
cpe:2.3:a:videolan:vlc_media_player:1.1.6:::::::*
cpe:2.3:a:videolan:vlc_media_player:1.1.6.1:::::::*
cpe:2.3:a:videolan:vlc_media_player:1.1.7:::::::*
cpe:2.3:a:videolan:vlc_media_player:1.1.8:::::::*
cpe:2.3:a:videolan:vlc_media_player:1.1.9:::::::*
cpe:2.3:a:videolan:vlc_media_player:1.1.10:::::::*

No data.

References

Link	Providers
http://git.videolan.org/?p=vlc.git%3Ba=commit%3Bh=9c14964bd11482d5c1d6c0e223440f9f1e5b1831
http://secunia.com/advisories/45066
http://www.securityfocus.com/bid/48664
http://www.videolan.org/security/sa1106.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/68532
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14858

History

No history.

MITRE

Status: PUBLISHED

Assigner: flexera

Published: 2011-07-27T01:29:00

Updated: 2024-08-06T23:08:23.776Z

Reserved: 2011-06-29T00:00:00

Link: CVE-2011-2588

Vulnrichment

No data.

NVD

Status : Modified

Published: 2011-07-27T02:55:02.273

Modified: 2024-11-21T01:28:32.240

Link: CVE-2011-2588

Redhat

No data.

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object