Summary
This host is installed with VLC Media Player and is prone to multiple vulnerabilities.
Impact
Successful exploitation could allow attackers to cause a denial of service or possibly execute arbitrary code via crafted streams.
Impact Level: System/Application
Solution
Upgrade to VLC media player version 2.0.1 or later, For updates refer to http://www.videolan.org/vlc/
Insight
The flaws are due to multiple buffer overflow errors in the application, which allows remote attackers to execute arbitrary code via crafted MMS:// stream and Real RTSP streams.
Affected
VLC media player version prior to 2.0.1 on MAC OS X
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2012-1775, CVE-2012-1776 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Air and Flash Player Multiple Vulnerabilities August-2011 (Windows)
- Adobe Acrobat Multiple Unspecified Vulnerabilities -01 May13 (Mac OS X)
- Adobe Air Multiple Vulnerabilities - October 12 (Windows)
- Adobe ExtendedScript Toolkit (ESTK) Insecure Library Loading Vulnerability (Win)
- Adobe AIR Multiple Vulnerabilities -01 April 13 (Windows)