VideoLAN VLC Media Player up to 2.0.7 packetizer/mpeg4audio.c LOASParse memory corruption
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 8.2 | $0-$5k | 0.00 |
Summary
A vulnerability was found in VideoLAN VLC Media Player up to 2.0.7. It has been rated as critical. The affected element is the function LOASParse of the file packetizer/mpeg4audio.c of the component Media Player. The manipulation leads to memory corruption.
This vulnerability is uniquely identified as CVE-2013-4388. The attack is possible to be carried out remotely. No exploit exists.
It is suggested to install a patch to address this issue.
Details
A vulnerability, which was classified as critical, has been found in VideoLAN VLC Media Player up to 2.0.7 (Multimedia Player Software). This issue affects the function LOASParse of the file packetizer/mpeg4audio.c of the component Media Player. The manipulation with an unknown input leads to a memory corruption vulnerability. Using CWE to declare the problem leads to CWE-119. The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. Impacted is confidentiality, integrity, and availability. The summary by CVE is:
Buffer overflow in the mp4a packetizer (modules/packetizer/mpeg4audio.c) in VideoLAN VLC Media Player before 2.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
The weakness was disclosed 08/24/2013 by Laurent Butti as confirmed git commit (GIT Repository). The advisory is shared at git.videolan.org. The public release has been coordinated in cooperation with VideoLAN. The identification of this vulnerability is CVE-2013-4388 since 06/12/2013. The exploitation is known to be difficult. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. Technical details are known, but no exploit is available.
The vulnerability scanner Nessus provides a plugin with the ID 70560 (VLC < 2.0.9 Buffer Overflow), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Windows. The commercial vulnerability scanner Qualys is able to test this issue with plugin 121380 (VLC Media Player Multiple Vulnerabilities).
Upgrading to version 2.0.8 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at git.videolan.org. The best possible mitigation is suggested to be patching the affected component. A possible mitigation has been published immediately after the disclosure of the vulnerability.
The vulnerability is also documented in the databases at Tenable (70560), SecurityFocus (BID 62724†), OSVDB (98063†), Secunia (SA59793†) and Vulnerability Center (SBV-41675†). The entries VDB-10074, VDB-65359 and VDB-64456 are pretty similar. If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Product
Type
Vendor
Name
Version
License
Website
- Vendor: https://www.videolan.org/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 8.6VulDB Meta Temp Score: 8.2
VulDB Base Score: 8.6
VulDB Temp Score: 8.2
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Memory corruptionCWE: CWE-119
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Status: Proof-of-Concept
Download: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 70560
Nessus Name: VLC < 2.0.9 Buffer Overflow
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
OpenVAS ID: 802920
OpenVAS Name: VLC Media Player mp4a Denial of Service Vulnerability (Windows)
OpenVAS File: 🔍
OpenVAS Family: 🔍
Qualys ID: 🔍
Qualys Name: 🔍
Exploit-DB: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: PatchStatus: 🔍
Reaction Time: 🔍
0-Day Time: 🔍
Exposure Time: 🔍
Upgrade: VLC Media Player 2.0.8
Patch: git.videolan.org
Timeline
06/12/2013 🔍08/24/2013 🔍
08/24/2013 🔍
09/30/2013 🔍
10/01/2013 🔍
10/04/2013 🔍
10/11/2013 🔍
10/23/2013 🔍
07/10/2014 🔍
05/26/2021 🔍
Sources
Vendor: videolan.orgAdvisory: git.videolan.org
Researcher: Laurent Butti
Status: Confirmed
Confirmation: 🔍
Coordinated: 🔍
CVE: CVE-2013-4388 (🔍)
GCVE (CVE): GCVE-0-2013-4388
GCVE (VulDB): GCVE-100-10577
OVAL: 🔍
SecurityFocus: 62724
Secunia: 59793 - Debian update for vlc, Highly Critical
OSVDB: 98063
SecurityTracker: 1029120
Vulnerability Center: 41675 - VideoLan VLC before 2.0.9 Remote Code Execution via mp4a Packetizer, Medium
See also: 🔍
Entry
Created: 10/04/2013 18:35Updated: 05/26/2021 09:18
Changes: 10/04/2013 18:35 (82), 05/06/2019 07:09 (1), 05/26/2021 09:13 (2), 05/26/2021 09:17 (2), 05/26/2021 09:18 (2)
Complete: 🔍
Committer:
Cache ID: 216:277:103
No comments yet. Languages: en.
Please log in to comment.