CVE-2010-3275

EPSS 86.2%

vlc - missing input sanitising

Published: 3/28/2011Modified: 4/28/2026

Also known as:DEBIAN-CVE-2010-3275

Description

libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an AMV file, related to a "dangling pointer vulnerability."

Affected packages (2)

Debian/vlcfrom 0, < 1.1.8-1
Debian/vlcfrom 0, < 1.1.3-1squeeze4

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-3275