CVE DATABASE / CVE-2007-3468
CVE-2007-3468
CVSS 7.8 · HIGH
Summary
input.c in VideoLAN VLC Media Player before 0.8.6c allows remote attackers to cause a denial of service (crash) via a crafted WAV file that causes an uninitialized i_nb_resamplers variable to be used.
CVSS 2.0 breakdown
| Base score | 7.8 (HIGH) |
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
| Attack vector | NETWORK |
| Attack complexity | LOW |
| Confidentiality | NONE |
| Integrity | NONE |
| Availability | COMPLETE |
Affected products
Videolan vlc media player
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- http://osvdb.org/38992
- http://secunia.com/advisories/25980
- http://www.debian.org/security/2007/dsa-1332
- http://www.isecpartners.com/advisories/2007-001-vlc.txt
- http://www.securityfocus.com/archive/1/471933/100/0/threaded
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14744
Data: NIST NVD. NVD last modified 2026-04-23. Always verify against the vendor advisory before acting.