Candidate: CVE-2013-3564
PublicDate: 2020-02-06 22:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3564
 https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=18864
 https://www3.trustwave.com/spiderlabs/advisories/TWSL2013-007.txt
Description:
 The web interface in VideoLAN VLC media player before 2.0.7 has no access
 control which allows remote attackers to view directory listings via the
 'dir' command or issue other commands without authenticating.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N [5.3 MEDIUM]


Patches_vlc:
upstream_vlc: released (2.0.7-1)
precise/esm_vlc: DNE
trusty_vlc: ignored (out of standard support)
trusty/esm_vlc: DNE
xenial_vlc: ignored (end of standard support, was needs-triage)
bionic_vlc: not-affected (3.0.8-0ubuntu18.04.1)
eoan_vlc: not-affected
focal_vlc: not-affected
groovy_vlc: not-affected
hirsute_vlc: not-affected
impish_vlc: not-affected
jammy_vlc: not-affected
devel_vlc: not-affected