CVE-2010-3275

EPSS 86.2%

vlc - missing input sanitising

發布日:2011/3/28修改日:2026/4/28

也稱為:DEBIAN-CVE-2010-3275

描述

libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an AMV file, related to a "dangling pointer vulnerability."

受影響套件(2)

Debian/vlcfrom 0, < 1.1.8-1
Debian/vlcfrom 0, < 1.1.3-1squeeze4

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-3275