What is CVE-2010-3275?

CVE-2010-3275 is a vulnerability in Videolan Vlc_media_player, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2011-03-28.

Is CVE-2010-3275 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Videolan Vlc_media_player

CVE-2010-3275

libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an AMV file, related to a "dangling pointer vulnerability."

Vulnerability class: Buffer Overflow

EPSS: 0.862 (99.4th percentile) — read the EPSS interpretation.

Affected products

Videolan Vlc_media_player — versions 0.1.99b, 0.1.99e, 0.1.99f
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

References

1025250 (vdb-entry, x_refsource_SECTRACK)
ADV-2011-0759 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
cve@mitre.org (x_refsource_CONFIRM, Patch)
43826 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
cve@mitre.org (Exploit, x_refsource_MISC)
cve@mitre.org (x_refsource_MISC)
DSA-2211 (vendor-advisory, x_refsource_DEBIAN)
17048 (Exploit, exploit, x_refsource_EXPLOIT-DB)
20110323 CORE-2011-0208: VLC Vulnerabilities handling .AMV and .NSV files (mailing-list, x_refsource_BUGTRAQ)
71277 (x_refsource_OSVDB, vdb-entry)

Frequently asked questions

What is CVE-2010-3275?: CVE-2010-3275 is a vulnerability in Videolan Vlc_media_player, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2011-03-28.
Is CVE-2010-3275 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.