Vulnerability Details : CVE-2012-1775
Public exploit exists!
Stack-based buffer overflow in VideoLAN VLC media player before 2.0.1 allows remote attackers to execute arbitrary code via a crafted MMS:// stream.
Vulnerability category: OverflowExecute code
Products affected by CVE-2012-1775
- cpe:2.3:a:videolan:vlc_media_player:*:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.7.2:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.8.4a:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.8.4:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.8.5:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.8.6:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.8.6a:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.8.6b:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.8.6h:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.8.6i:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.9.4:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.9:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.9.0:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.8.6c:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.9.5:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.8.6g:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.7.1a:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.7.2:test2:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.7.2:test3:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.8.6e:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.8.6f:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.8.4:test2:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.8.6d:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.8.5:test4:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.8.5:test3:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.9.6:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.9.7:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.9.8:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.9.8a:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.9.9:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.9.10:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.8.1337:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.9.9a:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:1.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.2.91:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.2.92:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.2.70:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.1.99g:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.1.99f:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.2.83:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.2.90:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.2.63:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.1.99i:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.1.99h:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.1.99e:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.1.99b:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.2.73:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.2.80:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.2.71:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.2.62:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.2.61:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.2.81:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.2.82:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.2.72:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.2.60:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:1.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:1.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:1.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:1.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:1.1.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:1.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:1.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:1.1.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:1.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:1.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:1.1.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:1.1.11:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.4.3-ac3:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:1.1.13:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.1.99d:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.2.50:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.1.99a:*:*:*:*:*:*:*
- cpe:2.3:a:videolan:vlc_media_player:0.1.99c:*:*:*:*:*:*:*
Threat overview for CVE-2012-1775
Top countries where our scanners detected CVE-2012-1775
Top open port discovered on systems with this issue
80
IPs affected by CVE-2012-1775 160
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2012-1775!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2012-1775
96.42%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2012-1775
-
VLC MMS Stream Handling Buffer Overflow
Disclosure Date: 2012-03-15First seen: 2020-04-26exploit/windows/browser/vlc_mms_bofThis module exploits a buffer overflow in VLC media player VLC media player prior to 2.0.0. The vulnerability is due to a dangerous use of sprintf which can result in a stack buffer overflow when handling a malicious MMS URI. This module uses the browser as attack
CVSS scores for CVE-2012-1775
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
CWE ids for CVE-2012-1775
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-1775
-
http://www.exploit-db.com/exploits/18825
VideoLAN VLC Media Player 2.0.0 - Mms Stream Handling Buffer Overflow (Metasploit) - Windows remote Exploit
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14820
Repository / Oval Repository
-
http://www.securityfocus.com/bid/52550
VLC Media Player Multiple Remote Buffer Overflow Vulnerabilities
-
http://www.securityfocus.com/bid/53391
VLC Media Player MMS Stream Stack Based Buffer Overflow Vulnerability
-
http://www.videolan.org/security/sa1201.html
VideoLAN Security Advisory 1201 - VideoLANVendor Advisory
-
http://git.videolan.org/?p=vlc/vlc-2.0.git;a=commit;h=11a95cce96fffdbaba1be6034d7b42721667821c
git.videolan.org Git - vlc/vlc-2.0.git/commit
Jump to