Summary
This host is installed with VLC Media Player and is prone to denial of service and remote code execution vulnerability.
Impact
Successful exploitation will allow attackers to cause denial of service and possibly execute arbitrary remote code.
Impact Level: System/Application
Solution
Upgrade to VLC media player version 2.1.0 or later, For updates refer to http://www.videolan.org/vlc
Insight
The flaw exist due to improper handling of a specially crafted M3U file.
Affected
VLC media player version 2.0.8 and prior on Windows
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2013-6283 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Google Chrome Multiple Denial of Service Vulnerabilities - March12 (Mac OS X)
- BitDefender 'pdf.xmd' Module PDF Parsing Remote DoS Vulnerability
- EMC NetWorker 'nsrexecd' RPC Packet Denial of Service Vulnerability
- Adobe Reader '.ETD File' Denial of Service Vulnerability (Mac OS X)
- Apple QuickTime Multiple Vulnerabilities - Jan09 (Win)