Detections
Analytics
VLC Media Player < 1.1.6 Multiple Vulnerabilities
high Nessus Plugin ID 51772
Language:
Synopsis
The remote Windows host contains an media player that is affected by multiple vulnerabilities.Description
The version of VLC media player installed on the remote host is earlier than 1.1.6. Such versions are reportedly affected by the following vulnerabilities :- An integer overflow vulnerability exists due a failure to properly parse the header of a Real Media, which could then trigger a heap-based buffer overflow. It is not yet known if this issue can be exploited to execute arbitrary code. (CVE-2010-3907)
- There are two heap corruption vulnerabilities in the CDG decoder that arise because of a failure to validate indices into statically-sized arrays on the heap, which could allow for arbitrary code execution. (CVE-2011-0021)
- The 'StripTags()' function in the USF and Text decoders may scan past the end of a subtitle in an MKV file with an opening '<' char but without a corresponding closing '>' char, resulting in heap memory corruption. (CVE-2011-0522)
Solution
Upgrade to VLC Media Player version 1.1.6 or later.See Also
http://www.nessus.org/u?0c2a0870
http://www.videolan.org/security/sa1007.html
http://www.nessus.org/u?24b9825d
Plugin Details
Severity: High
ID: 51772
File Name: vlc_1_1_6.nasl
Version: 1.11
Type: local
Agent: windows
Family: Windows
Published: 1/27/2011
Updated: 8/6/2018
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 7.7
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/a:videolan:vlc_media_player
Required KB Items: SMB/VLC/Version
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 1/23/2011
Vulnerability Publication Date: 1/25/2011
Exploitable With
CANVAS (White_Phosphorus)