CVE-2011-0522

The StripTags function in (1) the USF decoder (modules/codec/subtitles/subsdec.c) and (2) the Text decoder (modules/codec/subtitles/subsusf.c) in VideoLAN VLC Media Player 1.1 before 1.1.6-rc allows remote attackers to execute arbitrary code via a subtitle with an opening "<" without a closing ">" in an MKV file, which triggers heap memory corruption, as demonstrated using refined-australia-blu720p-sample.mkv.
Severity
UNKNOWN
AV:N/AC:M/Au:N/C:P/I:P/A:P
Atk. Vector
NETWORK
Atk. Complexity
MEDIUM
Base Score
CVSS 3.x
EPSS Score
Percentile: 98%
VendorProductVersion
videolanvlc_media_player
1.1.0
videolanvlc_media_player
1.1.1
videolanvlc_media_player
1.1.2
videolanvlc_media_player
1.1.3
videolanvlc_media_player
1.1.4
videolanvlc_media_player
1.1.5
videolanvlc_media_player
1.1.6
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
vlc
bullseye (security)
3.0.21-0+deb11u1
fixed
bullseye
3.0.21-0+deb11u1
fixed
bookworm
3.0.21-0+deb12u1
fixed
bookworm (security)
3.0.21-0+deb12u1
fixed
sid
3.0.21-2
fixed
trixie
3.0.21-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
vlc
natty
not-affected
maverick
Fixed 1.1.4-1ubuntu1.3
released
lucid
Fixed 1.0.6-1ubuntu1.4
released
karmic
ignored
hardy
ignored
dapper
ignored