VLC Media Player ASS File Buffer Overflow Vulnerability (Win) Network Vulnerability

Summary

This host is installed with VLC Media Player and is prone to Stack-Based Buffer Overflow Vulnerability.

Impact

Successful exploitation allows attackers to execute arbitrary code, and can casue application crash. Impact Level: Application

Solution

Upgrade to VLC Media Player version 1.0.5 or later For updates refer to http://www.videolan.org/vlc/

Insight

The flaw exists due to stack-based buffer overflow error in Aegisub Advanced SubStation ('.ass') file handler that fails to perform adequate boundary checks on user-supplied input.

Affected

VLC Media Player version 0.8.6 on Windows.

References

http://www.exploit-db.com/exploits/11174
http://xforce.iss.net/xforce/xfdb/55717

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-0364

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Reader 'Plug-in' Buffer Overflow Vulnerability (Windows)
Adobe InDesign 'INDD' File Handling Remote Buffer Overflow Vulnerability
Adobe Reader 'XFDF' File Buffer Overflow Vulnerability (Mac OS X)
Adobe Flash Professional JPG Object Processing BOF Vulnerability (Mac OS X)
A-V Tronics InetServ POP3 Denial Of Service Vulnerability

Take action and discover your vulnerabilities