Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-3k7q-7ux2-v3gc
SummaryStack-based buffer overflow in VideoLAN VLC media player before 2.0.1 allows remote attackers to execute arbitrary code via a crafted MMS:// stream.
Aliases
0
alias CVE-2012-1775
Fixed_packages
0
url pkg:deb/debian/vlc@2.0.1-1?distro=trixie
purl pkg:deb/debian/vlc@2.0.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.0.1-1%3Fdistro=trixie
1
url pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie
5
url pkg:ebuild/media-video/vlc@2.1.2
purl pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-1775
reference_id
reference_type
scores
0
value 0.72888
scoring_system epss
scoring_elements 0.98802
published_at 2026-05-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-1775
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1775
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1775
2
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/18825.rb
reference_id CVE-2012-1775;OSVDB-80188
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/18825.rb
3
reference_url https://security.gentoo.org/glsa/201411-01
reference_id GLSA-201411-01
reference_type
scores
url https://security.gentoo.org/glsa/201411-01
Weaknesses
Exploits
0
date_added 2012-05-03
description VideoLAN VLC Media Player 2.0.0 - Mms Stream Handling Buffer Overflow (Metasploit)
required_action null
due_date null
notes null
known_ransomware_campaign_use true
source_date_published 2012-05-03
exploit_type remote
platform windows
source_date_updated 2016-11-15
data_source Exploit-DB
source_url
1
date_added null
description 
This module exploits a buffer overflow in VLC media player VLC media player prior
          to 2.0.0. The vulnerability is due to a dangerous use of sprintf which can result
          in a stack buffer overflow when handling a malicious MMS URI.

          This module uses the browser as attack vector. A specially crafted MMS URI is
          used to trigger the overflow and get flow control through SEH overwrite. Control
          is transferred to code located in the heap through a standard heap spray.

          The module only targets IE6 and IE7 because no DEP/ASLR bypass has been provided.
required_action null
due_date null
notes 
Reliability:
  - unknown-reliability
Stability:
  - unknown-stability
SideEffects:
  - unknown-side-effects
known_ransomware_campaign_use false
source_date_published 2012-03-15
exploit_type null
platform Windows
source_date_updated null
data_source Metasploit
source_url https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/windows/browser/vlc_mms_bof.rb
Severity_range_scorenull
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-3k7q-7ux2-v3gc