CVE-2007-6683
EPSS 0.90%vlc - multiple vulnerabilities
發布日:2008/1/17修改日:2026/4/28
也稱為:DEBIAN-CVE-2007-6683
描述
The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via (1) the :demuxdump-file option in a filename in a playlist, or (2) a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability.
受影響套件(2)
- Debian/vlcfrom 0, < 0.8.6.c-4.1
- Debian/vlcfrom 0, < 0.8.6.c-6+lenny5