Debian Security Advisory DSA 1252-1 (vlc) Network Vulnerability

Summary

The remote host is missing an update to vlc announced via advisory DSA 1252-1. Kevin Finisterre discovered several format string problems in vlc, a multimedia player and streamer, that could lead to the execution of arbitrary code.

Solution

For the stable distribution (sarge) this problem has been fixed in version 0.8.1.svn20050314-1sarge2. For the testing distribution (etch) this problem has been fixed in version 0.8.6-svn20061012.debian-3. For the unstable distribution (sid) this problem has been fixed in version 0.8.6.a.debian-1. We recommend that you upgrade your vlc packages. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201252-1

Severity

Classification

CVE CVE-2007-0017

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 006-1 (zope)
Debian Security Advisory DSA 1152-1 (trac)
Debian Security Advisory DSA 1062-1 (kphone)
Debian Security Advisory DSA 1065-1 (hostapd)
Debian Security Advisory DSA 1079-1 (mysql-dfsg)

Take action and discover your vulnerabilities