cpe:/a:videolan:vlc_media_player:0.8.6 cpe:/a:videolan:vlc_media_player:0.8.6a cpe:/a:videolan:vlc_media_player:0.8.6b CVE-2007-6262 2007-12-05T21:46:00.000-05:00 2017-09-28T21:29:52.253-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-12-06T14:07:00.000-05:00 BUGTRAQ 20071204 CORE-2007-1004: VLC Activex Bad Pointer Initialization Vulnerability BID 26675 SECUNIA 27878 SREASON 3420 VUPEN ADV-2007-4061 MISC http://www.coresecurity.com/?action=item&id=2035 CONFIRM http://www.videolan.org/sa0703.html XF vlcmediaplayer-activex-memory-overwrite(38816) A certain ActiveX control in axvlc.dll in VideoLAN VLC 0.8.6 before 0.8.6d allows remote attackers to execute arbitrary code via crafted arguments to the (1) addTarget, (2) getVariable, or (3) setVariable function, resulting from a "bad initialized pointer," aka a "recursive plugin release vulnerability."