CVE-2012-1775
50Vexday Risk Score
Patch soon. It has a working public exploit.
ssvc Attendepss 45%
from disclosure to weapon45 days
Published on NVDMar 19
1st PoC+45d
metasploitMar 15
exploitation probability
45%top 1% of all CVEs
observed exploitation
nono source reports it
2 public exploit(s)
Stack-based buffer overflow in VideoLAN VLC media player before 2.0.1 allows remote attackers to execute arbitrary code via a crafted MMS:// stream.
Affected products
n/a · n/apublic PoCs found — 2
cve_referencewww.exploit-db.com/exploits/18825unverifiedexploitdbwww.exploit-db.com/exploits/18825unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://git.videolan.org/?p=vlc/vlc-2.0.git%3Ba=commit%3Bh=11a95cce96fffdbaba1be6034d7b42721667821chttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14820http://www.exploit-db.com/exploits/18825http://www.securityfocus.com/bid/52550http://www.securityfocus.com/bid/53391http://www.videolan.org/security/sa1201.html