VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
epss	0.807	https://api.first.org/data/v1/epss?cve=CVE-2008-4654
epss	0.807	https://api.first.org/data/v1/epss?cve=CVE-2008-4654
epss	0.807	https://api.first.org/data/v1/epss?cve=CVE-2008-4654
epss	0.807	https://api.first.org/data/v1/epss?cve=CVE-2008-4654
epss	0.807	https://api.first.org/data/v1/epss?cve=CVE-2008-4654
epss	0.807	https://api.first.org/data/v1/epss?cve=CVE-2008-4654
epss	0.81203	https://api.first.org/data/v1/epss?cve=CVE-2008-4654
epss	0.81203	https://api.first.org/data/v1/epss?cve=CVE-2008-4654
epss	0.81203	https://api.first.org/data/v1/epss?cve=CVE-2008-4654
epss	0.81203	https://api.first.org/data/v1/epss?cve=CVE-2008-4654
epss	0.81203	https://api.first.org/data/v1/epss?cve=CVE-2008-4654
epss	0.81203	https://api.first.org/data/v1/epss?cve=CVE-2008-4654
epss	0.81203	https://api.first.org/data/v1/epss?cve=CVE-2008-4654
epss	0.81203	https://api.first.org/data/v1/epss?cve=CVE-2008-4654
epss	0.81203	https://api.first.org/data/v1/epss?cve=CVE-2008-4654
epss	0.81203	https://api.first.org/data/v1/epss?cve=CVE-2008-4654
epss	0.81203	https://api.first.org/data/v1/epss?cve=CVE-2008-4654

System

Score

Found at

epss

0.807

https://api.first.org/data/v1/epss?cve=CVE-2008-4654

epss

0.807

https://api.first.org/data/v1/epss?cve=CVE-2008-4654

epss

0.807

https://api.first.org/data/v1/epss?cve=CVE-2008-4654

epss

0.807

https://api.first.org/data/v1/epss?cve=CVE-2008-4654

epss

0.807

https://api.first.org/data/v1/epss?cve=CVE-2008-4654

epss

0.807

https://api.first.org/data/v1/epss?cve=CVE-2008-4654

epss

0.81203

https://api.first.org/data/v1/epss?cve=CVE-2008-4654

epss

0.81203

https://api.first.org/data/v1/epss?cve=CVE-2008-4654

epss

0.81203

https://api.first.org/data/v1/epss?cve=CVE-2008-4654

epss

0.81203

https://api.first.org/data/v1/epss?cve=CVE-2008-4654

epss

0.81203

https://api.first.org/data/v1/epss?cve=CVE-2008-4654

epss

0.81203

https://api.first.org/data/v1/epss?cve=CVE-2008-4654

epss

0.81203

https://api.first.org/data/v1/epss?cve=CVE-2008-4654

epss

0.81203

https://api.first.org/data/v1/epss?cve=CVE-2008-4654

epss

0.81203

https://api.first.org/data/v1/epss?cve=CVE-2008-4654

epss

0.81203

https://api.first.org/data/v1/epss?cve=CVE-2008-4654

epss

0.81203

https://api.first.org/data/v1/epss?cve=CVE-2008-4654

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2008-4654
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4654
502726		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502726
CVE-2008-4654;OSVDB-49181	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/16629.rb
OSVDB-49453;CVE-2008-4686;OSVDB-49181;CVE-2008-4654	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/6798.pl
OSVDB-49453;CVE-2008-4686;OSVDB-49181;CVE-2008-4654	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/6825.pl

Reference id

Reference type

URL

https://api.first.org/data/v1/epss?cve=CVE-2008-4654

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4654

502726

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502726

CVE-2008-4654;OSVDB-49181

Exploit

https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/16629.rb

OSVDB-49453;CVE-2008-4686;OSVDB-49181;CVE-2008-4654

Exploit

https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/6798.pl

OSVDB-49453;CVE-2008-4686;OSVDB-49181;CVE-2008-4654

Exploit

https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/6825.pl

Data source	Metasploit
Description	This module exploits a buffer overflow in VideoLAN VLC 0.9.4. By creating a malicious TY file, a remote attacker could overflow a buffer and execute arbitrary code.
Note	Reliability: - unknown-reliability Stability: - unknown-stability SideEffects: - unknown-side-effects
Ransomware campaign use	Unknown
Source publication date	Oct. 22, 2008
Platform	Windows
Source URL	https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/windows/fileformat/videolan_tivo.rb

Metasploit

This module exploits a buffer overflow in VideoLAN VLC 0.9.4. By creating a malicious TY file, a remote attacker could overflow a buffer and execute arbitrary code.

Reliability:
  - unknown-reliability
Stability:
  - unknown-stability
SideEffects:
  - unknown-side-effects

Unknown

Oct. 22, 2008

Windows

https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/windows/fileformat/videolan_tivo.rb

Data source	Exploit-DB
Date added	Feb. 2, 2011
Description	VideoLAN VLC Media Player 0.9.4 - TiVo Buffer Overflow (Metasploit)
Ransomware campaign use	Known
Source publication date	Feb. 2, 2011
Exploit type	local
Platform	windows
Source update date	Nov. 23, 2016

Exploit-DB

Feb. 2, 2011

VideoLAN VLC Media Player 0.9.4 - TiVo Buffer Overflow (Metasploit)

Known

Feb. 2, 2011

local

windows

Nov. 23, 2016

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T11:38:40.084494+00:00	EPSS Importer	Import	https://epss.cyentia.com/epss_scores-current.csv.gz	37.0.0

2025-07-31T11:38:40.084494+00:00

EPSS Importer

Import

https://epss.cyentia.com/epss_scores-current.csv.gz

37.0.0

Vulnerability ID	VCID-21ma-m9m8-nfd5
Aliases	CVE-2008-4654
Summary
Status	Published
Exploitability	2.0
Weighted Severity	0.7
Risk	1.4
Affected and Fixed Packages	Package Details

Percentile	0.99108
EPSS Score	0.807
Published At	Sept. 25, 2025, 12:55 p.m.