Your submission was sent successfully! Close

CVE-2013-3564

Published: 6 February 2020

The web interface in VideoLAN VLC media player before 2.0.7 has no access control which allows remote attackers to view directory listings via the 'dir' command or issue other commands without authenticating.

Priority

Medium

CVSS 3 base score: 5.3

Status

Package Release Status
vlc
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(3.0.8-0ubuntu18.04.1)
eoan Not vulnerable

focal Not vulnerable

groovy Not vulnerable

hirsute Not vulnerable

impish Not vulnerable

jammy Not vulnerable

precise Does not exist

trusty Does not exist

upstream
Released (2.0.7-1)
xenial Ignored
(end of standard support, was needs-triage)