Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-ygt3-byr3-7qd7
SummaryStack-based buffer overflow in the ParseSSA function (modules/demux/subtitle.c) in VLC 0.8.6e allows remote attackers to execute arbitrary code via a long subtitle in an SSA file. NOTE: this issue is due to an incomplete fix for CVE-2007-6681.
Aliases
0
alias CVE-2008-1881
Fixed_packages
0
url pkg:deb/debian/vlc@0.8.6.e-2.1?distro=trixie
purl pkg:deb/debian/vlc@0.8.6.e-2.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@0.8.6.e-2.1%3Fdistro=trixie
1
url pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie
5
url pkg:ebuild/media-video/vlc@0.8.6f
purl pkg:ebuild/media-video/vlc@0.8.6f
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@0.8.6f
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-1881
reference_id
reference_type
scores
0
value 0.53989
scoring_system epss
scoring_elements 0.98049
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-1881
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1881
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1881
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=477805
reference_id 477805
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=477805
3
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/5250.cpp
reference_id CVE-2008-1881
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/5250.cpp
4
reference_url https://security.gentoo.org/glsa/200804-25
reference_id GLSA-200804-25
reference_type
scores
url https://security.gentoo.org/glsa/200804-25
5
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/5667.py
reference_id OSVDB-44461;CVE-2008-1881
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/5667.py
Weaknesses
Exploits
0
date_added 2008-03-13
description VideoLAN VLC Media Player 0.8.6e - Subtitle Parsing Local Buffer Overflow
required_action null
due_date null
notes null
known_ransomware_campaign_use true
source_date_published 2008-03-14
exploit_type local
platform windows
source_date_updated 2016-11-23
data_source Exploit-DB
source_url
Severity_range_scorenull
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-ygt3-byr3-7qd7