Search for vulnerabilities
Vulnerability details: VCID-bsk3-c3vv-aaaq
Vulnerability ID VCID-bsk3-c3vv-aaaq
Aliases CVE-2023-47359
Summary Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption.
Status Published
Exploitability 0.5
Weighted Severity 8.8
Risk 4.4
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-787 Out-of-bounds Write
System Score Found at
epss 0.00098 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00131 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00154 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00154 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00154 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00154 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00154 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00154 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00154 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00154 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00164 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00164 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00164 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00164 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00173 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00173 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00173 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00384 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00384 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00384 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00384 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00384 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00384 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00384 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00384 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00384 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00384 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00384 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00384 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00384 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
epss 0.00746 https://api.first.org/data/v1/epss?cve=CVE-2023-47359
cvssv3 9.8 https://nvd.nist.gov/vuln/detail/CVE-2023-47359
cvssv3.1 9.8 https://nvd.nist.gov/vuln/detail/CVE-2023-47359
Reference id Reference type URL
https://0xariana.github.io/blog/real_bugs/vlc/mms
https://api.first.org/data/v1/epss?cve=CVE-2023-47359
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47359
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47360
https://lists.debian.org/debian-lts-announce/2023/11/msg00034.html
cpe:2.3:a:videolan:vlc_media_player:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:*:*:*:*:*:*:*:*
CVE-2023-47359 https://nvd.nist.gov/vuln/detail/CVE-2023-47359
USN-6783-1 https://usn.ubuntu.com/6783-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-47359
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-47359
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.41769
EPSS Score 0.00098
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.