Search for vulnerabilities
Vulnerability details: VCID-tzgc-et9x-aaag
Vulnerability ID VCID-tzgc-et9x-aaag
Aliases CVE-2010-0364
Summary Stack-based buffer overflow in VideoLAN VLC Media Player 0.8.6 allows user-assisted remote attackers to execute arbitrary code via an ogg file with a crafted Advanced SubStation Alpha Subtitle (.ass) file, probably involving the Dialogue field.
Status Published
Exploitability 2.0
Weighted Severity 8.4
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
System Score Found at
epss 0.06665 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.06665 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.06665 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.06665 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.0686 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.08461 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.08461 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.08461 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.08461 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.08461 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.08461 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.08461 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.08461 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.08461 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.08461 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.08461 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.08461 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.08461 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.08461 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.08461 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.08461 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
epss 0.12342 https://api.first.org/data/v1/epss?cve=CVE-2010-0364
cvssv2 9.3 https://nvd.nist.gov/vuln/detail/CVE-2010-0364
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2010-0364
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0364
https://exchange.xforce.ibmcloud.com/vulnerabilities/55717
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14342
http://www.exploit-db.com/exploits/11174
http://www.securityfocus.com/bid/37832
458318 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=458318
cpe:2.3:a:videolan:vlc_media_player:0.8.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:0.8.6:*:*:*:*:*:*:*
CVE-2010-0364 https://nvd.nist.gov/vuln/detail/CVE-2010-0364
OSVDB-61895;CVE-2010-0364 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/11174.c
Data source Exploit-DB
Date added Jan. 16, 2010
Description VideoLAN VLC Media Player 0.8.6 a/b/c/d (Win32 Universal) - '.ass' Local Buffer Overflow
Ransomware campaign use Known
Source publication date Jan. 17, 2010
Exploit type local
Platform windows
Source update date Nov. 23, 2016
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2010-0364
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.90731
EPSS Score 0.06665
Published At June 14, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.