Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-nhfw-24cw-cqge
Vulnerability ID VCID-nhfw-24cw-cqge
Aliases CVE-2007-6683
Summary The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via (1) the :demuxdump-file option in a filename in a playlist, or (2) a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability.
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.00895 https://api.first.org/data/v1/epss?cve=CVE-2007-6683
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2007-6683
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6683
458318 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=458318
GLSA-200803-13 https://security.gentoo.org/glsa/200803-13
No exploits are available.
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.75938
EPSS Score 0.00895
Published At May 29, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-05-29T13:40:54.105980+00:00 Debian Oval Importer Import https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0