VYPR
← All advisories
Unrated severityNVD Advisory· Published Jan 3, 2011· Updated Apr 29, 2026

CVE-2010-3907

CVE-2010-3907

Description

Multiple integer overflows in real.c in the Real demuxer plugin in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a zero i_subpackets value in a Real Media file, leading to a heap-based buffer overflow.

Affected products

68
  • VideoLAN/Vlc Media Player67 versions
    cpe:2.3:a:videolan:vlc_media_player:*:*:*:*:*:*:*:*+ 66 more
    • cpe:2.3:a:videolan:vlc_media_player:*:*:*:*:*:*:*:*range: <=1.1.5
    • cpe:2.3:a:videolan:vlc_media_player:0.1.99b:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.1.99e:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.1.99f:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.1.99g:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.1.99h:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.1.99i:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.2.60:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.2.61:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.2.62:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.2.63:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.2.70:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.2.71:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.2.72:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.2.73:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.2.80:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.2.81:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.2.82:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.2.83:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.2.90:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.2.91:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.2.92:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.4.4:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.4.6:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.7.2:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.8.1:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.8.2:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.8.4:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.8.5:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.8.6:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.9.10:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.9.2:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.9.3:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.9.4:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.9.5:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.9.6:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.9.8a:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:0.9.9:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:1.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:1.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:1.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:1.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:1.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:1.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:1.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:1.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:videolan:vlc_media_player:1.1.4:*:*:*:*:*:*:*
  • osv-coords
    pkg:rpm/opensuse/vlc&distro=openSUSE%20Tumbleweed
    Range: < 2.2.4-11.1

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

7

News mentions

0

No linked articles in our index yet.