← Back

CVE-2012-5855

nvd nist
Published: Jul 10, 2013Modified: Apr 29, 2026

JSON object

Loading...
4.3
Vector
AV:N/AC:M/Au:N/C:N/I:N/A:P
Exploitability: 8.6 / Impact: 2.9
Source: NVD

Description

The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and earlier might allow user-assisted attackers to cause a denial of service (crash) via a crafted file name that triggers an incorrect string-length calculation when the file is added to VLC. NOTE: it is not clear whether this issue crosses privilege boundaries or whether it can be exploited without user interaction.

Affected (5)

Videolan
1 product
Vlc Media Player
Configuration A
5 vulnerable
Vulnerable SoftwareAffected Versions
Videolan
Vlc Media Player
Up to 2.0.4
Vlc Media Player
Version 2.0.0
Vlc Media Player
Version 2.0.1
Vlc Media Player
Version 2.0.2
Vlc Media Player
Version 2.0.3

Related CWEs

CWE-189
CWE-189

References (6)

Source: cve@mitre.org
Source: cve@mitre.org
Exploit
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.