GHSA-H6W8-G5HJ-F5PR
Vulnerability from github – Published: 2022-05-17 05:07 – Updated: 2024-07-03 18:31** DISPUTED ** plugins/demux/libmkv_plugin.dll in VideoLAN VLC Media Player 2.0.7, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MKV file, possibly involving an integer overflow and out-of-bounds read or heap-based buffer overflow, or an uncaught exception. NOTE: the vendor disputes the severity and claimed vulnerability type of this issue, stating "This PoC crashes VLC, indeed, but does nothing more... this is not an integer overflow error, but an uncaught exception and I doubt that it is exploitable. This uncaught exception makes VLC abort, not execute random code, on my Linux 64bits machine." A PoC posted by the original researcher shows signs of an attacker-controlled out-of-bounds read, but the affected instruction does not involve a register that directly influences control flow.
{
"affected": [],
"aliases": [
"CVE-2013-3245"
],
"database_specific": {
"cwe_ids": [
"CWE-119",
"CWE-122"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2013-07-10T19:55:00Z",
"severity": "MODERATE"
},
"details": "** DISPUTED ** plugins/demux/libmkv_plugin.dll in VideoLAN VLC Media Player 2.0.7, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MKV file, possibly involving an integer overflow and out-of-bounds read or heap-based buffer overflow, or an uncaught exception. NOTE: the vendor disputes the severity and claimed vulnerability type of this issue, stating \"This PoC crashes VLC, indeed, but does nothing more... this is not an integer overflow error, but an uncaught exception and I doubt that it is exploitable. This uncaught exception makes VLC abort, not execute random code, on my Linux 64bits machine.\" A PoC posted by the original researcher shows signs of an attacker-controlled out-of-bounds read, but the affected instruction does not involve a register that directly influences control flow.",
"id": "GHSA-h6w8-g5hj-f5pr",
"modified": "2024-07-03T18:31:17Z",
"published": "2022-05-17T05:07:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-3245"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2013/Jul/71"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2013/Jul/77"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2013/Jul/79"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/52956"
},
{
"type": "WEB",
"url": "http://secunia.com/blog/372"
},
{
"type": "WEB",
"url": "http://www.jbkempf.com/blog/post/2013/More-lies-from-Secunia"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/61032"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
}
]
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.