VDB
CVE-2008-0984
CVE-2008-0984
PUBLISHED
CVSS 9.300000190734863 CRITICAL
The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file.
EPSS 27.19% · 96.5th percentile
Risk Scores
CVSS 2.0
9.300000190734863
EPSS Score
27.19%
96.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
| videolan | vlc_media_player | 0 |
| miro | miro_player | 0 |
Timeline
- Feb 26, 2008 CVE Published
- Apr 25, 2008 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
- Oct 30, 2023 EPSS Score
References
- 29122 third-party-advisory
- 29284 third-party-advisory
- DSA-1543 vendor-advisory
- 29153 third-party-advisory
- http://www.videolan.org/security/sa0802.html url
- 28007 vdb
- 1019510 vdb
- 20080227 CORE-2008-0130: VLC media player chunk context validation error mailing-list
- 20080227 CORE-2008-0130: VLC media player chunk context validation error mailing-list
- 29766 third-party-advisory
- ADV-2008-0682 vdb
- http://www.coresecurity.com/?action=item&id=2147 url
- GLSA-200803-13 vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2008-0984 advisory