Summary
This host is installed with VLC Media Player and is prone to denial of service and remote code execution vulnerability.
Impact
Successful exploitation will allow attackers to cause denial of service and possibly execute arbitrary remote code.
Impact Level: System/Application
Solution
Upgrade to VLC media player version 2.1.0 or later, For updates refer to http://www.videolan.org/vlc
Insight
The flaw exist due to improper handling of a specially crafted M3U file.
Affected
VLC media player version 2.0.8 and prior on Linux
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2013-6283 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apple QuickTime Multiple Denial Of Service Vulnerabilities (Win)
- Google Chrome Multiple Denial of Service Vulnerabilities - January12 (Linux)
- Adobe Reader '.ETD File' Denial of Service Vulnerability (Windows)
- CesarFTP MKD Command Buffer Overflow
- Adobe Reader/Acrobat JavaScript Method Handling Vulnerability (Linux)