EDB-4688
doswindowsVERIFIED
VideoLAN VLC Media Player 0.86 < 0.86d - ActiveX Remote Bad Pointer Initialization
CVE-2007-6262
Ricardo Narvaja12/4/2007
描述
A certain ActiveX control in axvlc.dll in VideoLAN VLC 0.8.6 before 0.8.6d allows remote attackers to execute arbitrary code via crafted arguments to the (1) addTarget, (2) getVariable, or (3) setVariable function, resulting from a "bad initialized pointer," aka a "recursive plugin release vulnerability."
AI分析AI驱动
受影响产品
videolanvlc_media_player
0.8.6
videolanvlc_media_player
0.8.6a
videolanvlc_media_player
0.8.6b
可用漏洞利用 (1)
参考资料
- http://secunia.com/advisories/27878Vendor Advisory
- http://securityreason.com/securityalert/3420
- http://www.coresecurity.com/?action=item&id=2035
- http://www.securityfocus.com/archive/1/484563/100/0/threaded
- http://www.securityfocus.com/bid/26675ExploitPatch
- http://www.videolan.org/sa0703.html
- http://www.vupen.com/english/advisories/2007/4061
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38816
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14280
- http://secunia.com/advisories/27878Vendor Advisory
- http://securityreason.com/securityalert/3420
- http://www.coresecurity.com/?action=item&id=2035
- http://www.securityfocus.com/archive/1/484563/100/0/threaded
- http://www.securityfocus.com/bid/26675ExploitPatch
- http://www.videolan.org/sa0703.html
- http://www.vupen.com/english/advisories/2007/4061
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38816
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14280