CVE-2010-0364

{"id": "CVE-2010-0364", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2010-01-21T20:30:00.430", "references": [{"url": "http://www.exploit-db.com/exploits/11174", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/37832", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55717", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14342", "source": "cve@mitre.org"}, {"url": "http://www.exploit-db.com/exploits/11174", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/37832", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55717", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14342", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in VideoLAN VLC Media Player 0.8.6 allows user-assisted remote attackers to execute arbitrary code via an ogg file with a crafted Advanced SubStation Alpha Subtitle (.ass) file, probably involving the Dialogue field."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en pila en VideoLAN VLC Media Player 0.8.6 permite a atacantes remotos asistidos por el usuario, ejecutar c\u00f3digo de su elecci\u00f3n mediante un fichero ogg con un fichero Advanced SubStation Alpha Subtitle (.ass) manipulado, probablemente en relaci\u00f3n con el campo Dialogue."}], "lastModified": "2024-11-21T01:12:03.820", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:videolan:vlc_media_player:0.8.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18B68706-5A1F-479F-8A38-F93D98481F9C"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}