Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2008-2147
Modified
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-12 May, 2008 | 20:20
Updated At-07 Nov, 2023 | 02:02

Untrusted search path vulnerability in VideoLAN VLC before 0.9.0 allows local users to execute arbitrary code via a malicious library under the modules/ or plugins/ subdirectories of the current working directory.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.04.6MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
VideoLAN
videolan
>>vlc>>Versions up to 0.8.6(inclusive)
cpe:2.3:a:videolan:vlc:*:*:*:*:*:*:*:*
VideoLAN
videolan
>>vlc>>0.4.6
cpe:2.3:a:videolan:vlc:0.4.6:*:*:*:*:*:*:*
VideoLAN
videolan
>>vlc>>0.5.0
cpe:2.3:a:videolan:vlc:0.5.0:*:*:*:*:*:*:*
VideoLAN
videolan
>>vlc>>0.5.1
cpe:2.3:a:videolan:vlc:0.5.1:*:*:*:*:*:*:*
VideoLAN
videolan
>>vlc>>0.5.1a
cpe:2.3:a:videolan:vlc:0.5.1a:*:*:*:*:*:*:*
VideoLAN
videolan
>>vlc>>0.5.2
cpe:2.3:a:videolan:vlc:0.5.2:*:*:*:*:*:*:*
VideoLAN
videolan
>>vlc>>0.5.3
cpe:2.3:a:videolan:vlc:0.5.3:*:*:*:*:*:*:*
VideoLAN
videolan
>>vlc>>0.6.0
cpe:2.3:a:videolan:vlc:0.6.0:*:*:*:*:*:*:*
VideoLAN
videolan
>>vlc>>0.6.1
cpe:2.3:a:videolan:vlc:0.6.1:*:*:*:*:*:*:*
VideoLAN
videolan
>>vlc>>0.6.2
cpe:2.3:a:videolan:vlc:0.6.2:*:*:*:*:*:*:*
VideoLAN
videolan
>>vlc>>0.7.0
cpe:2.3:a:videolan:vlc:0.7.0:*:*:*:*:*:*:*
VideoLAN
videolan
>>vlc>>0.7.1
cpe:2.3:a:videolan:vlc:0.7.1:*:*:*:*:*:*:*
VideoLAN
videolan
>>vlc>>0.7.2
cpe:2.3:a:videolan:vlc:0.7.2:*:*:*:*:*:*:*
VideoLAN
videolan
>>vlc>>0.8.0
cpe:2.3:a:videolan:vlc:0.8.0:*:*:*:*:*:*:*
VideoLAN
videolan
>>vlc>>0.8.1
cpe:2.3:a:videolan:vlc:0.8.1:*:*:*:*:*:*:*
VideoLAN
videolan
>>vlc>>0.8.2
cpe:2.3:a:videolan:vlc:0.8.2:*:*:*:*:*:*:*
VideoLAN
videolan
>>vlc>>0.8.4
cpe:2.3:a:videolan:vlc:0.8.4:*:*:*:*:*:*:*
VideoLAN
videolan
>>vlc>>0.8.4a
cpe:2.3:a:videolan:vlc:0.8.4a:*:*:*:*:*:*:*
VideoLAN
videolan
>>vlc>>0.8.5
cpe:2.3:a:videolan:vlc:0.8.5:*:*:*:*:*:*:*
VideoLAN
videolan
>>vlc>>0.8.6a
cpe:2.3:a:videolan:vlc:0.8.6a:*:*:*:*:*:*:*
VideoLAN
videolan
>>vlc>>0.8.6b
cpe:2.3:a:videolan:vlc:0.8.6b:*:*:*:*:*:*:*
VideoLAN
videolan
>>vlc>>0.8.6c
cpe:2.3:a:videolan:vlc:0.8.6c:*:*:*:*:*:*:*
VideoLAN
videolan
>>vlc>>0.8.6d
cpe:2.3:a:videolan:vlc:0.8.6d:*:*:*:*:*:*:*
VideoLAN
videolan
>>vlc>>0.8.6e
cpe:2.3:a:videolan:vlc:0.8.6e:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-264Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://git.videolan.org/?p=vlc.git%3Ba=commit%3Bh=c7cef4fdd8dd72ce0a45be3cda8ba98df5e83181cve@mitre.org
N/A
http://secunia.com/advisories/31317cve@mitre.org
N/A
http://security.gentoo.org/glsa/glsa-200807-13.xmlcve@mitre.org
N/A
http://trac.videolan.org/vlc/ticket/1578cve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/42377cve@mitre.org
N/A
Change History
0Changes found
Details not found