Detections
Analytics

VLC Media Player < 0.8.6h Multiple Vulnerabilities (deprecated)

high Nessus Network Monitor Plugin ID 4562

Synopsis

The remote Windows host contains a media player that is affected by several vulnerabilities.

Description

The version of VLC Media Player installed on the remote host reportedly includes versions of GnuTLS, libgcrypt and libxml2 that are affected by various denial of service and buffer overflow vulnerabilities.

Solution

Upgrade to version 0.8.6h or higher.

See Also

http://www.videolan.org/developers/vlc/NEWS

Plugin Details

Severity: High

ID: 4562

Family: Web Clients

Published: 8/18/2004

Updated: 3/6/2019

Nessus ID: 33278

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.3

Temporal Score: 6.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Reference Information

CVE: CVE-2007-6284, CVE-2008-1948, CVE-2008-1949, CVE-2008-1950

BID: 27248, 29292