CVE-2013-3564

Priority
Description
The web interface in VideoLAN VLC media player before 2.0.7 has no access
control which allows remote attackers to view directory listings via the
'dir' command or issue other commands without authenticating.
Notes
Package
Source: vlc (LP Ubuntu Debian)
Upstream:released (2.0.7-1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):needs-triage
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (3.0.8-0ubuntu18.04.1)
Ubuntu 19.10 (Eoan Ermine):not-affected
Ubuntu 20.04 (Focal Fossa):not-affected
More Information

Updated: 2020-04-24 03:14:59 UTC (commit d3f8a6ed481830fb100109a132bef581fc4176fe)