Unrated severityNVD Advisory· Published Jul 11, 2018· Updated Aug 5, 2024

CVE-2018-11529

Description

VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions.

Affected products

VideoLAN/Vlc Media Playerinferred2 versions
>=2.2.0,<2.3.0+ 1 more
- (no CPE)range: >=2.2.0,<2.3.0
- (no CPE)range: 2.2.x

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/45626/mitreexploitx_refsource_EXPLOIT-DB
www.debian.org/security/2018/dsa-4251mitrevendor-advisoryx_refsource_DEBIAN
seclists.org/fulldisclosure/2018/Jul/28mitremailing-listx_refsource_FULLDISC
www.securitytracker.com/id/1041311mitrevdb-entryx_refsource_SECTRACK

News mentions

ABB Ability Camera Connect
CISA ICS Advisories

cvss	0.000
epss	0.059
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000