VLC Media Player 'AMV' Denial Of Service Vulnerability (Windows) Network Vulnerability

Summary

The host is installed with VLC Media Player and is prone to denial of service vulnerability.

Impact

Successful exploitation could allow attackers to cause a denial of service or possibly execute arbitrary code via a malformed AMV file. Impact Level: System/Application

Solution

Upgrade to VLC media player version 1.1.10 or later, For updates refer to http://www.videolan.org/vlc/

Insight

The flaw is due to error while handling 'sp5xdec.c' in the Sunplus SP5X JPEG decoder in libavcodec, performs a write operation outside the bounds of an unspecified array.

Affected

VLC media player version 1.1.9 and prior on Windows.

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624339
http://www.securityfocus.com/archive/1/517706

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-1931

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Adobe Reader 'AcroPDF.DLL' Denial of Service Vulnerability (Linux)
Denial Of Service Vulnerability in OpenSSL June-09 (Linux)
Firefox Browser Libxul Memory Leak Remote DoS Vulnerability - Win
Comodo Internet Security Denial of Service Vulnerability July 13
Asterisk T.38 Negotiation Remote Denial Of Service Vulnerability

VLC Media Player 'AMV' Denial of Service Vulnerability (Windows)

Take action and discover your vulnerabilities