Suse
CVE-2025-51602
MEDIUM
Severity by source
AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
Lifecycle Timeline
2DescriptionCVE.org
mmstu.c in VideoLAN VLC media player before 3.0.22 allows an out-of-bounds read and denial of service via a crafted 0x01 response from an MMS server.
AnalysisAI
mmstu.c in VideoLAN VLC media player versions up to 3.0.22 is affected by out-of-bounds read (CVSS 4.8).
Technical ContextAI
This vulnerability (CWE-125: Out-of-bounds Read) affects mmstu.c in VideoLAN VLC media player. mmstu.c in VideoLAN VLC media player before 3.0.22 allows an out-of-bounds read and denial of service via a crafted 0x01 response from an MMS server.
Affected ProductsAI
Product: mmstu.c in VideoLAN VLC media player. Versions: up to 3.0.22.
RemediationAI
Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.
Same weakness CWE-125 – Out-of-bounds Read
View allSame technique Denial Of Service
View allVendor StatusVendor
SUSE
Severity: MediumShare
External POC / Exploit Code
Leaving vuln.today