{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81487?format=json","vulnerability_id":"VCID-a9mf-5dre-wfce","summary":"Heap-based buffer overflow in the Ogg_DecodePacket function in the OGG demuxer (modules/demux/ogg.c) in VideoLAN VLC media player before 2.0.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted OGG file.","aliases":[{"alias":"CVE-2012-3377"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/364838?format=json","purl":"pkg:deb/debian/vlc@2.0.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@2.0.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364803?format=json","purl":"pkg:deb/debian/vlc@3.0.21-0%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.21-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364801?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364805?format=json","purl":"pkg:deb/debian/vlc@3.0.23-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/364804?format=json","purl":"pkg:deb/debian/vlc@3.0.23-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/vlc@3.0.23-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/330966?format=json","purl":"pkg:ebuild/media-video/vlc@2.1.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/vlc@2.1.2"}],"affected_packages":[],"references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3377","reference_id":"","reference_type":"","scores":[{"value":"0.03905","scoring_system":"epss","scoring_elements":"0.88485","published_at":"2026-05-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3377"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3377","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3377"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680665","reference_id":"680665","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=680665"},{"reference_url":"https://security.gentoo.org/glsa/201411-01","reference_id":"GLSA-201411-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201411-01"}],"weaknesses":[],"exploits":[],"severity_range_score":null,"exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a9mf-5dre-wfce"}