Search for vulnerabilities
Vulnerability details: VCID-nkbf-fhjh-aaah
Vulnerability ID VCID-nkbf-fhjh-aaah
Aliases CVE-2013-4388
Summary Buffer overflow in the mp4a packetizer (modules/packetizer/mpeg4audio.c) in VideoLAN VLC Media Player before 2.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
System Score Found at
generic_textual Medium http://git.videolan.org/?p=vlc.git;a=commitdiff;h=9794ec1cd268c04c8bca13a5fae15df6594dff3e
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-4388.html
epss 0.02978 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.03905 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.05110 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.05110 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.05110 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.05110 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.05110 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.05110 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.05110 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.05110 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.05110 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.05110 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.05110 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.05110 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.05110 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.05110 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
epss 0.05110 https://api.first.org/data/v1/epss?cve=CVE-2013-4388
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4388
cvssv2 6.8 https://nvd.nist.gov/vuln/detail/CVE-2013-4388
generic_textual Medium http://www.videolan.org/developers/vlc-branch/NEWS
Reference id Reference type URL
http://git.videolan.org/?p=vlc.git%3Ba=commitdiff%3Bh=9794ec1cd268c04c8bca13a5fae15df6594dff3e
http://git.videolan.org/?p=vlc.git;a=commitdiff;h=9794ec1cd268c04c8bca13a5fae15df6594dff3e
http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-4388.html
https://api.first.org/data/v1/epss?cve=CVE-2013-4388
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1868
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1954
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4388
http://secunia.com/advisories/59793
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18086
http://www.openwall.com/lists/oss-security/2013/10/01/2
http://www.securityfocus.com/bid/62724
http://www.securitytracker.com/id/1029120
http://www.videolan.org/developers/vlc-branch/NEWS
726528 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726528
cpe:2.3:a:videolan:vlc_media_player:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:*:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:2.0.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:2.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:2.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:2.0.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:2.0.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:2.0.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:2.0.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:2.0.6:*:*:*:*:*:*:*
CVE-2013-4388 https://nvd.nist.gov/vuln/detail/CVE-2013-4388
GLSA-201411-01 https://security.gentoo.org/glsa/201411-01
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2013-4388
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.77508
EPSS Score 0.02978
Published At March 29, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.