What is CVE-2013-3245?

CVE-2013-3245 is a medium-severity vulnerability in Videolan Vlc_media_player, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. CVSS score: 6.3/10. Published 2013-07-10.

How severe is CVE-2013-3245?

Medium severity. CVSS v3 base score is 6.3 out of 10.

Buffer overflow in Videolan Vlc_media_player

CVE-2013-3245

plugins/demux/libmkv_plugin.dll in VideoLAN VLC Media Player 2.0.7, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MKV file, possibly involving an…

Vulnerability class: Buffer Overflow

EPSS: 0.019 (83.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L.

Affected products

Videolan Vlc_media_player — versions 2.0.7
N/a — versions n/a

Weakness classification (CWE)

References

PSIRT-CNA@flexerasoftware.com (x_refsource_MISC)
61032 (vdb-entry, x_refsource_BID)
20130710 VLC media player MKV Parsing POC (mailing-list, Exploit, x_refsource_FULLDISC)
52956 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
20130710 Re: VLC media player MKV Parsing POC (mailing-list, x_refsource_FULLDISC)
20130710 Re: VLC media player MKV Parsing POC (mailing-list, x_refsource_FULLDISC)
PSIRT-CNA@flexerasoftware.com (x_refsource_MISC, Vendor Advisory)

Frequently asked questions

What is CVE-2013-3245?: CVE-2013-3245 is a medium-severity vulnerability in Videolan Vlc_media_player, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. CVSS score: 6.3/10. Published 2013-07-10.
How severe is CVE-2013-3245?: Medium severity. CVSS v3 base score is 6.3 out of 10.