The host is installed with VLC media player and is prone to multiple vulnerabilities.

Successful exploitation will allow attackers to conduct a denial of service or potentially compromise a user's system. Impact Level: System/Application

Upgrade to VideoLAN VLC media player version 1.0.6 or later. For updates refer http://www.videolan.org/

Multiple flaws are due to, - Multiple errors in the A/52 audio decoder, DTS audio decoder, MPEG audio decoder, AVI demuxer, ASF demuxer and Matroska demuxer. - An error when processing XSPF playlists. - A use-after-free error when attempting to create a playlist of the contents of a malformed zip archive. - An error in the RTMP implementation.

VideoLAN VLC media player before version 1.0.6 on Windows.

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

• http://osvdb.org/74733
• http://osvdb.org/74734
• http://osvdb.org/74735
• http://osvdb.org/74736
• http://osvdb.org/74737
• http://secunia.com/advisories/39558
• http://www.videolan.org/security/sa1003.html

---

Updated on 2015-03-25