Summary
This host is installed with VLC Media Player and is prone to denial of service vulnerability.
Impact
Successful exploitation will allow attackers to crash the affected application and denying service to legitimate users.
Impact Level: Application
Solution
Upgrade to VLC media player 2.0.4 or later,
For updates refer to http://www.videolan.org/vlc/
Insight
The flaw is due to an error in 'libpng_plugin' when handling a crafted PNG file. Which can be exploited to cause a crash.
Affected
VLC media player version 2.0.3 and prior on Mac OS X
References
Severity
Classification
-
CVE CVE-2012-5470 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- CUPS 'scheduler/select.c' Denial Of Service Vulnerability
- Apache APR-util 'buckets/apr_brigade.c' Denial Of Service Vulnerability
- Adobe Reader 'AcroPDF.DLL' Denial of Service Vulnerability (Windows)
- CUPS '_cupsImageReadTIFF()' Integer Overflow Vulnerability
- Asterisk RTP Text Frames Denial Of Service Vulnerability