What is CVE-2011-0531?

CVE-2011-0531 is a vulnerability in Videolan Vlc_media_player, classified under Improper Input Validation. Published 2011-02-07.

Is CVE-2011-0531 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Improper input validation in Videolan Vlc_media_player

CVE-2011-0531

demux/mkv/mkv.hpp in the MKV demuxer plugin in VideoLAN VLC media player 1.1.6.1 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary commands via a crafted MKV (WebM or Matroska) file that trigger…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.733 (98.8th percentile) — read the EPSS interpretation.

Affected products

Videolan Vlc_media_player — versions 0.1.99b, 0.1.99e, 0.1.99f
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

Public proof-of-concept exploits

rapid7/metasploit-framework

References

70698 (x_refsource_OSVDB, vdb-entry)
ADV-2011-0363 (vdb-entry, x_refsource_VUPEN)
43242 (x_refsource_SECUNIA, third-party-advisory)
oval:org.mitre.oval:def:12415 (x_refsource_OVAL, signature, vdb-entry)
DSA-2159 (vendor-advisory, x_refsource_DEBIAN)
secalert@redhat.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
vlc-mkv-code-execution(65045) (vdb-entry, x_refsource_XF)
43131 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
[oss-security] 20110131 CVE request: code execution in VLC media player (mailing-list, x_refsource_MLIST, Patch)
1025018 (vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2011-0531?: CVE-2011-0531 is a vulnerability in Videolan Vlc_media_player, classified under Improper Input Validation. Published 2011-02-07.
Is CVE-2011-0531 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.