Summary
The host is installed with VLC Media Player and is prone to denial of service vulnerability.
Impact
Successful exploitation could allow attackers to cause a denial of service or possibly execute arbitrary code via a malformed AMV file.
Impact Level: System/Application
Solution
Upgrade to VLC media player version 1.1.10 or later, For updates refer to http://www.videolan.org/vlc/
Insight
The flaw is due to error while handling 'sp5xdec.c' in the Sunplus SP5X JPEG decoder in libavcodec, performs a write operation outside the bounds of an unspecified array.
Affected
VLC media player version 1.1.9 and prior on Linux.
References
Severity
Classification
-
CVE CVE-2011-1931 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Firefox XUL Parsing Denial of Service Vulnerability (Win)
- Asterisk RTP Text Frames Denial Of Service Vulnerability
- ClamAV 'cli_pdf()' and 'cli_scanicon()' Denial of Service Vulnerabilities (Win
- Freefloat FTP Server 'ALLO' Command Remote Buffer Overflow Vulnerability
- ClamAV Hash Manager Off-By-One Denial of Service Vulnerability (Win)