EDB-4688
doswindowsVERIFIED
VideoLAN VLC Media Player 0.86 < 0.86d - ActiveX Remote Bad Pointer Initialization
CVE-2007-6262
Ricardo Narvaja12/4/2007
CVE-2007-6262
NONEA certain ActiveX control in axvlc.dll in VideoLAN VLC 0.8.6 before 0.8.6d allows remote attackers to execute arbitrary code via crafted arguments to the (1) addTarget, (2) getVariable, or (3) setVari
Published: 12/6/2007Updated: 4/9/2025
Description
A certain ActiveX control in axvlc.dll in VideoLAN VLC 0.8.6 before 0.8.6d allows remote attackers to execute arbitrary code via crafted arguments to the (1) addTarget, (2) getVariable, or (3) setVariable function, resulting from a "bad initialized pointer," aka a "recursive plugin release vulnerability."
AI AnalysisPowered by AI
Affected Products
videolanvlc_media_player
0.8.6
videolanvlc_media_player
0.8.6a
videolanvlc_media_player
0.8.6b
Available Exploits (1)
References
- http://secunia.com/advisories/27878Vendor Advisory
- http://securityreason.com/securityalert/3420
- http://www.coresecurity.com/?action=item&id=2035
- http://www.securityfocus.com/archive/1/484563/100/0/threaded
- http://www.securityfocus.com/bid/26675ExploitPatch
- http://www.videolan.org/sa0703.html
- http://www.vupen.com/english/advisories/2007/4061
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38816
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14280
- http://secunia.com/advisories/27878Vendor Advisory
- http://securityreason.com/securityalert/3420
- http://www.coresecurity.com/?action=item&id=2035
- http://www.securityfocus.com/archive/1/484563/100/0/threaded
- http://www.securityfocus.com/bid/26675ExploitPatch
- http://www.videolan.org/sa0703.html
- http://www.vupen.com/english/advisories/2007/4061
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38816
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14280