Search for vulnerabilities
Vulnerability details: VCID-34qw-w3ku-mudw
Vulnerability ID VCID-34qw-w3ku-mudw
Aliases CVE-2008-5036
Summary
Status Published
Exploitability 2.0
Weighted Severity 0.6
Risk 1.2
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.67309 https://api.first.org/data/v1/epss?cve=CVE-2008-5036
epss 0.67309 https://api.first.org/data/v1/epss?cve=CVE-2008-5036
epss 0.67309 https://api.first.org/data/v1/epss?cve=CVE-2008-5036
epss 0.67309 https://api.first.org/data/v1/epss?cve=CVE-2008-5036
epss 0.67309 https://api.first.org/data/v1/epss?cve=CVE-2008-5036
epss 0.67309 https://api.first.org/data/v1/epss?cve=CVE-2008-5036
epss 0.69531 https://api.first.org/data/v1/epss?cve=CVE-2008-5036
epss 0.69531 https://api.first.org/data/v1/epss?cve=CVE-2008-5036
epss 0.69531 https://api.first.org/data/v1/epss?cve=CVE-2008-5036
epss 0.69531 https://api.first.org/data/v1/epss?cve=CVE-2008-5036
epss 0.69531 https://api.first.org/data/v1/epss?cve=CVE-2008-5036
epss 0.69531 https://api.first.org/data/v1/epss?cve=CVE-2008-5036
epss 0.69531 https://api.first.org/data/v1/epss?cve=CVE-2008-5036
epss 0.69531 https://api.first.org/data/v1/epss?cve=CVE-2008-5036
epss 0.69531 https://api.first.org/data/v1/epss?cve=CVE-2008-5036
epss 0.69531 https://api.first.org/data/v1/epss?cve=CVE-2008-5036
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2008-5036
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5036
CVE-2008-5036 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/7051.pl
CVE-2008-5036;OSVDB-49809 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/18548.rb
CVE-2008-5036;OSVDB-49809 Exploit http://www.trapkit.de/advisories/TKADV2008-011.txt
Data source Metasploit
Description This module exploits a stack buffer overflow vulnerability in VideoLAN VLC < 0.9.6. The vulnerability exists in the parsing of RealText subtitle files. In order to exploit this, this module will generate two files: The .mp4 file is used to trick your victim into running. The .rt file is the actual malicious file that triggers the vulnerability, which should be placed under the same directory as the .mp4 file.
Note 
Reliability:
  - unknown-reliability
Stability:
  - unknown-stability
SideEffects:
  - unknown-side-effects
Ransomware campaign use Unknown
Source publication date Nov. 5, 2008
Platform Windows
Source URL https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/windows/fileformat/vlc_realtext.rb
Data source Exploit-DB
Date added Nov. 6, 2008
Description VideoLAN VLC Media Player < 0.9.6 - '.rt' Local Stack Buffer Overflow
Ransomware campaign use Known
Source publication date Nov. 7, 2008
Exploit type local
Platform windows
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.98514
EPSS Score 0.67309
Published At Sept. 9, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T11:38:46.947132+00:00 EPSS Importer Import https://epss.cyentia.com/epss_scores-current.csv.gz 37.0.0