Search for vulnerabilities
Vulnerability details: VCID-erst-qkfp-zkf4
Vulnerability ID VCID-erst-qkfp-zkf4
Aliases CVE-2018-11529
Summary VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions.
Status Published
Exploitability 2.0
Weighted Severity 8.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-416 Use After Free
System Score Found at
epss 0.74516 https://api.first.org/data/v1/epss?cve=CVE-2018-11529
epss 0.74516 https://api.first.org/data/v1/epss?cve=CVE-2018-11529
epss 0.74516 https://api.first.org/data/v1/epss?cve=CVE-2018-11529
epss 0.74516 https://api.first.org/data/v1/epss?cve=CVE-2018-11529
epss 0.74516 https://api.first.org/data/v1/epss?cve=CVE-2018-11529
epss 0.74516 https://api.first.org/data/v1/epss?cve=CVE-2018-11529
epss 0.74516 https://api.first.org/data/v1/epss?cve=CVE-2018-11529
epss 0.74516 https://api.first.org/data/v1/epss?cve=CVE-2018-11529
epss 0.74516 https://api.first.org/data/v1/epss?cve=CVE-2018-11529
epss 0.74516 https://api.first.org/data/v1/epss?cve=CVE-2018-11529
epss 0.74516 https://api.first.org/data/v1/epss?cve=CVE-2018-11529
epss 0.74516 https://api.first.org/data/v1/epss?cve=CVE-2018-11529
epss 0.74516 https://api.first.org/data/v1/epss?cve=CVE-2018-11529
epss 0.74516 https://api.first.org/data/v1/epss?cve=CVE-2018-11529
epss 0.74516 https://api.first.org/data/v1/epss?cve=CVE-2018-11529
cvssv2 6.8 https://nvd.nist.gov/vuln/detail/CVE-2018-11529
cvssv3 8.0 https://nvd.nist.gov/vuln/detail/CVE-2018-11529
archlinux High https://security.archlinux.org/AVG-755
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2018-11529
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11529
http://seclists.org/fulldisclosure/2018/Jul/28
https://www.debian.org/security/2018/dsa-4251
https://www.exploit-db.com/exploits/45626/
http://www.securitytracker.com/id/1041311
AVG-755 https://security.archlinux.org/AVG-755
cpe:2.3:a:videolan:vlc_media_player:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
CVE-2018-11529 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/45626.rb
CVE-2018-11529 https://nvd.nist.gov/vuln/detail/CVE-2018-11529
CVE-2018-11529 Exploit https://raw.githubusercontent.com/rapid7/metasploit-framework/fb689da24c9de2ccda6707c6cfe0d053a4844dfd/modules/exploits/windows/fileformat/vlc_mkv.rb
USN-USN-4805-1 https://usn.ubuntu.com/USN-4805-1/
Data source Metasploit
Description This module exploits a use after free vulnerability in VideoLAN VLC =< 2.2.8. The vulnerability exists in the parsing of MKV files and affects both 32 bits and 64 bits. In order to exploit this, this module will generate two files: The first .mkv file contains the main vulnerability and heap spray, the second .mkv file is required in order to take the vulnerable code path and should be placed under the same directory as the .mkv file. This module has been tested against VLC v2.2.8. Tested with payloads windows/exec, windows/x64/exec, windows/shell/reverse_tcp, windows/x64/shell/reverse_tcp. Meterpreter payloads if used can cause the application to crash instead.
Note 
Reliability:
  - unknown-reliability
Stability:
  - unknown-stability
SideEffects:
  - unknown-side-effects
Ransomware campaign use Unknown
Source publication date May 24, 2018
Platform Windows
Source URL https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/windows/fileformat/vlc_mkv.rb
Data source Exploit-DB
Date added Oct. 16, 2018
Description VLC Media Player - MKV Use-After-Free (Metasploit)
Ransomware campaign use Known
Source publication date Oct. 16, 2018
Exploit type local
Platform windows
Source update date Oct. 18, 2018
Source URL https://raw.githubusercontent.com/rapid7/metasploit-framework/fb689da24c9de2ccda6707c6cfe0d053a4844dfd/modules/exploits/windows/fileformat/vlc_mkv.rb
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2018-11529
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2018-11529
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.9879
EPSS Score 0.74516
Published At July 31, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:37:26.545675+00:00 Ubuntu USN Importer Import https://usn.ubuntu.com/USN-4805-1/ 37.0.0