VLC Media Player Buffer Overflow Vulnerability (Win) Network Vulnerability

Summary

This host is installed with VLC Media Player and is prone to Buffer Overflow Vulnerability.

Impact

Successful exploitation allows attackers to execute arbitrary code by tricking a user into opening a specially crafted .rm file to crash an affected application. Impact Level: Application

Solution

Upgrade to VLC media player 0.9.8 http://www.videolan.org/vlc/

Insight

The flaw is due to a boundary error while parsing ReadRealIndex function in real.c in the Real demuxer plugin.

Affected

VLC media player 0.9.0 through 0.9.7 on Windows (Any).

References

http://www.trapkit.de/advisories/TKADV2008-013.txt
http://www.videolan.org/security/sa0811.html
http://www.vupen.com/english/advisories/2008/3287

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-5276

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

AT-TFTP Server Long Filename BoF Vulnerability
Adobe Reader/Acrobat Denial of Service Vulnerability (May09)
AnalogX SimpleServer:WWW DoS
Allegro Software RomPager 2.10 Denial of Service
7T Interactive Graphical SCADA System 'dc.exe' Command Injection Vulnerability

Take action and discover your vulnerabilities