VLC Media Player 'AMV' Denial Of Service Vulnerability (Linux) Network Vulnerability

Summary

The host is installed with VLC Media Player and is prone to denial of service vulnerability.

Impact

Successful exploitation could allow attackers to cause a denial of service or possibly execute arbitrary code via a malformed AMV file. Impact Level: System/Application

Solution

Upgrade to VLC media player version 1.1.10 or later, For updates refer to http://www.videolan.org/vlc/

Insight

The flaw is due to error while handling 'sp5xdec.c' in the Sunplus SP5X JPEG decoder in libavcodec, performs a write operation outside the bounds of an unspecified array.

Affected

VLC media player version 1.1.9 and prior on Linux.

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624339
http://www.securityfocus.com/archive/1/517706

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-1931

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Active Perl Denial of Service Vulnerability Feb 2014 (Windows)
Firefox XUL Parsing Denial of Service Vulnerability (Win)
Apple Safari Denial of Service Vulnerability (Win) - Apr09
Comodo Internet Security Denial of Service Vulnerability-01
COWON Media Center JetAudio .wav File Denial Of Service Vulnerability

VLC Media Player 'AMV' Denial of Service Vulnerability (Linux)

Take action and discover your vulnerabilities