Search for vulnerabilities
Vulnerability details: VCID-yng6-rrd3-aaae
Vulnerability ID VCID-yng6-rrd3-aaae
Aliases CVE-2011-2194
Summary Integer overflow in the XSPF playlist parser in VideoLAN VLC media player 0.8.5 through 1.1.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow.
Status Published
Exploitability 2.0
Weighted Severity 8.4
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-189 Numeric Errors
System Score Found at
epss 0.16263 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.16263 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.16263 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.16263 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.16263 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.16263 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.16263 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.16263 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.16263 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.16263 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.16263 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.17957 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.17957 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.17957 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.21335 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.26199 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.31365 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.31365 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.31365 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.31365 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.31365 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.31365 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.31365 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.31365 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.31365 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.31365 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.31365 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.31365 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.31365 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.31365 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.31365 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.31365 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.31365 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.31365 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.31365 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.31365 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.33746 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.33746 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.33746 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.33746 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.33746 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.33746 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.33746 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.33746 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.33746 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.33746 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.33746 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.33746 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.33746 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.36217 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.36217 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.36217 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.36217 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.36217 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.36217 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.36217 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.36217 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.36217 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.36217 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.36217 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.36217 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.36217 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.36217 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.36217 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.36217 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.36217 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.36217 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.36217 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.36217 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.36217 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.36217 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.36217 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
epss 0.36217 https://api.first.org/data/v1/epss?cve=CVE-2011-2194
cvssv2 9.3 https://nvd.nist.gov/vuln/detail/CVE-2011-2194
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2011-2194
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2194
http://secunia.com/advisories/44892
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14774
http://www.debian.org/security/2011/dsa-2257
http://www.securityfocus.com/bid/48171
http://www.videolan.org/security/sa1104.html
cpe:2.3:a:videolan:vlc_media_player:0.8.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:0.8.5:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.8.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:0.8.6:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.8.6a:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:0.8.6a:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.8.6b:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:0.8.6b:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.8.6c:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:0.8.6c:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.8.6d:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:0.8.6d:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.8.6e:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:0.8.6e:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.8.6f:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:0.8.6f:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.8.6g:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:0.8.6g:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.8.6h:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:0.8.6h:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.8.6i:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:0.8.6i:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.9.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:0.9.0:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.9.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.9.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:0.9.10:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.9.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:0.9.2:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.9.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.9.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:0.9.4:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.9.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:0.9.5:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.9.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:0.9.6:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.9.8a:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:0.9.8a:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.9.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:0.9.9:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:0.9.9a:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:0.9.9a:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.0.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.0.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.0.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.0.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.0.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.1.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.1.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.1.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.1.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.1.3:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.1.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.1.4:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.1.4.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.1.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.1.5:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.1.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.1.6:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.1.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.1.7:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.1.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.1.8:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:1.1.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:1.1.9:*:*:*:*:*:*:*
CVE-2011-2194 https://nvd.nist.gov/vuln/detail/CVE-2011-2194
CVE-2011-2194;OSVDB-73450 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/17372.txt
GLSA-201411-01 https://security.gentoo.org/glsa/201411-01
Data source Exploit-DB
Date added June 8, 2011
Description VideoLAN VLC Media Player 1.1.9 - XSPF Playlist Local File Integer Overflow
Ransomware campaign use Known
Source publication date June 8, 2011
Exploit type dos
Platform windows
Source update date Nov. 15, 2016
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2011-2194
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.96106
EPSS Score 0.16263
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.