Summary
The host is installed with VLC media player
and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow
attackers to conduct a denial of service or potentially compromise a user's system.
Impact Level: System/Application
Solution
Upgrade to VideoLAN VLC media player
version 1.0.6 or later. For updates refer http://www.videolan.org/
Insight
Multiple flaws are due to,
- Multiple errors in the A/52 audio decoder, DTS audio decoder, MPEG audio decoder, AVI demuxer, ASF demuxer and Matroska demuxer.
- An error when processing XSPF playlists.
- A use-after-free error when attempting to create a playlist of the contents of a malformed zip archive.
- An error in the RTMP implementation.
Affected
VideoLAN VLC media player before 1.0.6
on Linux.
Detection
Get the installed version with the help
of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2010-1441, CVE-2010-1442, CVE-2010-1443, CVE-2010-1444, CVE-2010-1445 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Adobe AIR Multiple Vulnerabilities(APSB14-22)-(Windows)
- Adobe Flash Player Buffer Overflow Vulnerability - Apr14 (Mac OS X)
- Adobe Acrobat and Reader PDF Handling Code Execution Vulnerability (Mac OS X)
- Adobe Flash Media Server multiple vulnerabilities
- Adobe AIR Code Execution and DoS Vulnerabilities Nov13 (Windows)