Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-a9mf-5dre-wfce

Summary Heap-based buffer overflow in the Ogg_DecodePacket function in the OGG demuxer (modules/demux/ogg.c) in VideoLAN VLC media player before 2.0.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted OGG file.

Aliases

alias	CVE-2012-3377

Fixed_packages

url	pkg:deb/debian/vlc@2.0.2-1?distro=trixie
purl	pkg:deb/debian/vlc@2.0.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.0.2-1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
purl	pkg:deb/debian/vlc@3.0.23-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie

url	pkg:ebuild/media-video/vlc@2.1.2
purl	pkg:ebuild/media-video/vlc@2.1.2
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2

Affected_packages

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-3377

reference_id

reference_type

scores

value	0.03905
scoring_system	epss
scoring_elements	0.88485
published_at	2026-05-29T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-3377

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3377
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3377

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680665
reference_id	680665
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680665

reference_url	https://security.gentoo.org/glsa/201411-01
reference_id	GLSA-201411-01
reference_type
scores
url	https://security.gentoo.org/glsa/201411-01

Weaknesses

Exploits

Severity_range_score null

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a9mf-5dre-wfce

Vulnerability Instance