Strix
26.1K

CVE-2018-11529

UnknownEPSS 40.61%

Last modified

CVE-2018-11529 is a vulnerability of currently unknown severity. VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions.. EPSS estimates a 40.61% chance of exploitation in the next 30 days.

Description

VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions.

Metrics

EPSS Probability
40.61%

98.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
DebianDebian Linux9.0
VideolanVlc Media Player<= 2.2.8

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2018-11529?
VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result in denial of service conditions.
How severe is CVE-2018-11529?
Severity scoring for CVE-2018-11529 is pending analysis. The EPSS model estimates a 40.61% probability of exploitation in the next 30 days.
How do I fix CVE-2018-11529?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2018-11529?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST