VulnerableCode Vulnerability Details - VCID-xy3k-qejs-fbcx

Search for vulnerabilities

Vulnerability details: VCID-xy3k-qejs-fbcx

Essentials
Severities (9)
References (3)
Severity details (0)
Exploits (2)
EPSS
History (1)

Vulnerability ID	VCID-xy3k-qejs-fbcx
Aliases	CVE-2010-3275
Summary
Status	Published
Exploitability	2.0
Weighted Severity	0.8
Risk	1.6
Affected and Fixed Packages	Package Details

Weaknesses (0)

There are no known CWE.

System	Score	Found at
epss	0.86659	https://api.first.org/data/v1/epss?cve=CVE-2010-3275
epss	0.86659	https://api.first.org/data/v1/epss?cve=CVE-2010-3275
epss	0.86659	https://api.first.org/data/v1/epss?cve=CVE-2010-3275
epss	0.86659	https://api.first.org/data/v1/epss?cve=CVE-2010-3275
epss	0.86659	https://api.first.org/data/v1/epss?cve=CVE-2010-3275
epss	0.86659	https://api.first.org/data/v1/epss?cve=CVE-2010-3275
epss	0.86659	https://api.first.org/data/v1/epss?cve=CVE-2010-3275
epss	0.86659	https://api.first.org/data/v1/epss?cve=CVE-2010-3275
epss	0.86659	https://api.first.org/data/v1/epss?cve=CVE-2010-3275

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2010-3275
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3275
CVE-2010-3275;OSVDB-71277	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/17048.rb

Data source	Exploit-DB
Date added	March 26, 2011
Description	VideoLAN VLC Media Player 1.1.4 - 'AMV' Dangling Pointer (Metasploit)
Ransomware campaign use	Known
Source publication date	March 26, 2011
Exploit type	remote
Platform	windows
Source update date	Nov. 15, 2016

Data source	Metasploit
Description	This module exploits VLC media player when handling a .AMV file. By flipping the 0x41st byte in the file format (video width/height), VLC crashes due to an invalid pointer, which allows remote attackers to gain arbitrary code execution. The vulnerable packages include: VLC 1.1.4, VLC 1.1.5, VLC 1.1.6, VLC 1.1.7. Also, please note that IE 8 targets require Java support in order to run properly.
Note	Reliability: - unknown-reliability Stability: - unknown-stability SideEffects: - unknown-side-effects
Ransomware campaign use	Unknown
Source publication date	March 23, 2011
Platform	Windows
Source URL	https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/windows/browser/vlc_amv.rb

There are no known vectors.

Exploit Prediction Scoring System (EPSS)

Percentile	0.99378
EPSS Score	0.86659
Published At	Aug. 13, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T11:42:07.837049+00:00	EPSS Importer	Import	https://epss.cyentia.com/epss_scores-current.csv.gz	37.0.0