Search for vulnerabilities
Vulnerability details: VCID-zehf-1d9c-aaam
Vulnerability ID VCID-zehf-1d9c-aaam
Aliases CVE-2008-0984
Summary The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file.
Status Published
Exploitability 2.0
Weighted Severity 8.4
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-399 Resource Management Errors
System Score Found at
epss 0.15470 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.15470 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.15470 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.15470 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.15470 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.15470 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.16115 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.16115 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.16115 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.16115 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.16115 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.21807 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.21807 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.21807 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.25499 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.25563 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.25563 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.25563 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.25563 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.25563 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.25563 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.25563 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.25563 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.25563 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.25563 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.25563 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.25563 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.25563 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.26592 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
epss 0.41236 https://api.first.org/data/v1/epss?cve=CVE-2008-0984
cvssv2 9.3 https://nvd.nist.gov/vuln/detail/CVE-2008-0984
Reference id Reference type URL
http://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060481.html
https://api.first.org/data/v1/epss?cve=CVE-2008-0984
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0984
http://secunia.com/advisories/29122
http://secunia.com/advisories/29153
http://secunia.com/advisories/29284
http://secunia.com/advisories/29766
http://www.coresecurity.com/?action=item&id=2147
http://www.debian.org/security/2008/dsa-1543
http://www.gentoo.org/security/en/glsa/glsa-200803-13.xml
http://www.securityfocus.com/archive/1/488841/100/0/threaded
http://www.securityfocus.com/bid/28007
http://www.securitytracker.com/id?1019510
http://www.videolan.org/security/sa0802.html
http://www.vupen.com/english/advisories/2008/0682
467652 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=467652
cpe:2.3:a:miro:miro_player:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:miro:miro_player:*:*:*:*:*:*:*:*
cpe:2.3:a:videolan:vlc_media_player:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:videolan:vlc_media_player:*:*:*:*:*:*:*:*
CVE-2008-0984 https://nvd.nist.gov/vuln/detail/CVE-2008-0984
GLSA-200803-13 https://security.gentoo.org/glsa/200803-13
Data source Exploit-DB
Date added April 24, 2008
Description Kantaris 0.3.4 - SSA Subtitle Local Buffer Overflow
Ransomware campaign use Known
Source publication date April 25, 2008
Exploit type local
Platform windows
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2008-0984
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.96072
EPSS Score 0.15470
Published At Nov. 23, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.