CVE-2007-6681
vlc - several vulnerabilities
EPSS 39.0%
Description
Stack-based buffer overflow in modules/demux/subtitle.c in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via a long subtitle in a (1) MicroDvd, (2) SSA, and (3) Vplayer file.
How to fix CVE-2007-6681
To remediate CVE-2007-6681, upgrade the affected package to one of the fixed versions listed below.
- Debian/vlc—upgrade to 0.8.6.c-4.1 or later
- Debian/vlc—upgrade to 0.8.6-svn20061012.debian-5.1+etch2 or later
Is CVE-2007-6681 being exploited?
Moderate: EPSS is 39.0%. Track this CVE, but it is not at the top of the prioritisation list.
Affected packages (2)
- from 0, < 0.8.6.c-4.1
- from 0, < 0.8.6-svn20061012.debian-5.1+etch2