VDB

CVE-2024-46461

CVE-2024-46461 PUBLISHED CVSS 8 HIGH

VLC media player 3.0.20 and earlier is vulnerable to denial of service through an integer overflow which could be triggered with a maliciously crafted mms stream (heap based overflow). If successful, a malicious third party could trigger either a crash of VLC or an arbitrary code execution with the target user's privileges.

EPSS 0.35% · 58.0th percentile

Risk Scores

CVSS 3.1
8
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:F/RL:T/RC:C
EPSS Score
0.35%
58.0th percentile

Affected Products

VendorProductVersions
ABBABB Ability Camera Connect <=1.5.0.14

Timeline

  • Sep 25, 2024 CVE Published
  • Sep 25, 2024 CVE Updated
  • Sep 26, 2024 EPSS Score
  • Oct 5, 2024 Coalition ESS Score
  • Oct 15, 2024 EPSS Score
  • Nov 4, 2024 EPSS Score
  • Nov 23, 2024 EPSS Score
  • Dec 13, 2024 EPSS Score
  • Jan 2, 2025 EPSS Score
  • Jan 21, 2025 EPSS Score
  • Feb 9, 2025 EPSS Score
  • Feb 28, 2025 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›