Summary
The host is installed with VLC Media Player and is prone to buffer overflow vulnerability.
Impact
Successful exploitation could allow attackers to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.
Impact Level: Application
Solution
Upgrade to the VLC media player version 1.1.11 or later, For updates refer to http://www.videolan.org/
Insight
The flaw is due to missing input validation when allocating memory using certain values from a RealAudio data block within RealMedia (RM) files.
Affected
VLC media player version 1.1.0 to 1.1.10 on Linux.
References
Severity
Classification
-
CVE CVE-2011-2587 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities