Vulnerability Name:

CVE-2010-3907 (CCN-64461)

Assigned:2010-12-14
Published:2010-12-14
Updated:2017-09-19
Summary:Multiple integer overflows in real.c in the Real demuxer plugin in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a zero i_subpackets value in a Real Media file, leading to a heap-based buffer overflow.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-189
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2010-3907

Source: CONFIRM
Type: Patch
http://git.videolan.org/?p=vlc.git;a=commit;h=6568965770f906d34d4aef83237842a5376adb55

Source: CCN
Type: SA42773
VLC Media Player Real Demuxer Array Indexing Vulnerability

Source: MISC
Type: UNKNOWN
http://www.cs.brown.edu/people/drosenbe/research.html

Source: CCN
Type: OSVDB ID: 70242
VLC Media Player modules/demux/real.c Array Indexing Error Code Execution

Source: BID
Type: UNKNOWN
45632

Source: CCN
Type: BID-45632
VLC Media Player Real Demuxer Remote Denial of Service Vulnerability

Source: CCN
Type: VideoLAN-SA-1007
Buffer overflow in Real demuxer

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.videolan.org/security/sa1007.html

Source: VUPEN
Type: Vendor Advisory
ADV-2010-3345

Source: XF
Type: UNKNOWN
vlcmediaplayer-realdemuxer-code-exec(64461)

Source: XF
Type: UNKNOWN
vlcmediaplayer-realdemuxer-code-exec(64461)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:13950

Vulnerable Configuration:Configuration 1:
  • cpe:/a:videolan:vlc_media_player:0.1.99b:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.1.99e:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.1.99f:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.1.99g:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.1.99h:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.1.99i:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.2.60:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.2.61:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.2.62:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.2.63:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.2.70:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.2.71:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.2.72:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.2.73:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.2.80:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.2.81:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.2.82:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.2.83:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.2.90:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.2.91:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.2.92:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.4.4:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.4.5:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.4.6:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.6.0:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.6.2:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.7.0:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.7.2:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.8.0:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.8.1:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.8.2:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.8.4:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.8.5:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.8.6:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.9.2:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.9.3:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.9.4:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.9.5:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.9.6:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.9.8a:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.9.9:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:0.9.10:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:1.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:1.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:1.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:1.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:1.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:videolan:vlc_media_player:*:*:*:*:*:*:*:* (Version <= 1.1.5)

    • Configuration CCN 1:
  • cpe:/a:videolan:vlc_media_player:1.1.5:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:112904
    P
    		libvlc5-2.2.4-11.1 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:106363
    P
    		libvlc5-2.2.4-11.1 on GA media (Moderate)
    2021-10-01
    oval:org.mitre.oval:def:13950
    V
    		Multiple integer overflows in real.c in the Real demuxer plugin in VideoLAN VLC Media Player before 1.1.6
    2012-11-19
    BACK
    videolan vlc media player 0.1.99b
    videolan vlc media player 0.1.99e
    videolan vlc media player 0.1.99f
    videolan vlc media player 0.1.99g
    videolan vlc media player 0.1.99h
    videolan vlc media player 0.1.99i
    videolan vlc media player 0.2.0
    videolan vlc media player 0.2.60
    videolan vlc media player 0.2.61
    videolan vlc media player 0.2.62
    videolan vlc media player 0.2.63
    videolan vlc media player 0.2.70
    videolan vlc media player 0.2.71
    videolan vlc media player 0.2.72
    videolan vlc media player 0.2.73
    videolan vlc media player 0.2.80
    videolan vlc media player 0.2.81
    videolan vlc media player 0.2.82
    videolan vlc media player 0.2.83
    videolan vlc media player 0.2.90
    videolan vlc media player 0.2.91
    videolan vlc media player 0.2.92
    videolan vlc media player 0.3.0
    videolan vlc media player 0.3.1
    videolan vlc media player 0.4.0
    videolan vlc media player 0.4.1
    videolan vlc media player 0.4.2
    videolan vlc media player 0.4.3
    videolan vlc media player 0.4.4
    videolan vlc media player 0.4.5
    videolan vlc media player 0.4.6
    videolan vlc media player 0.5.0
    videolan vlc media player 0.5.1
    videolan vlc media player 0.5.2
    videolan vlc media player 0.5.3
    videolan vlc media player 0.6.0
    videolan vlc media player 0.6.1
    videolan vlc media player 0.6.2
    videolan vlc media player 0.7.0
    videolan vlc media player 0.7.2
    videolan vlc media player 0.8.0
    videolan vlc media player 0.8.1
    videolan vlc media player 0.8.2
    videolan vlc media player 0.8.4
    videolan vlc media player 0.8.5
    videolan vlc media player 0.8.6
    videolan vlc media player 0.9.2
    videolan vlc media player 0.9.3
    videolan vlc media player 0.9.4
    videolan vlc media player 0.9.5
    videolan vlc media player 0.9.6
    videolan vlc media player 0.9.8a
    videolan vlc media player 0.9.9
    videolan vlc media player 0.9.10
    videolan vlc media player 1.0.0
    videolan vlc media player 1.0.1
    videolan vlc media player 1.0.2
    videolan vlc media player 1.0.3
    videolan vlc media player 1.0.4
    videolan vlc media player 1.0.5
    videolan vlc media player 1.0.6
    videolan vlc media player 1.1.0
    videolan vlc media player 1.1.1
    videolan vlc media player 1.1.2
    videolan vlc media player 1.1.3
    videolan vlc media player 1.1.4
    videolan vlc media player *
    videolan vlc media player 1.1.5