Summary
The host is installed with VLC Media Player and is prone to buffer overflow vulnerability.
Impact
Successful exploitation could allow attackers to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.
Impact Level: Application
Solution
Upgrade to the VLC media player version 1.1.11 or later, For updates refer to http://www.videolan.org/
Insight
The flaw is due to missing input validation when allocating memory using certain values from a RealAudio data block within RealMedia (RM) files.
Affected
VLC media player version 1.1.0 to 1.1.10 on Windows.
References
Severity
Classification
-
CVE CVE-2011-2587 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Novell File Reporter 'SRS' Tag Arbitrary File Deletion Vulnerability
- Blue Coat K9 Web Protection Multiple Buffer Overflow Vulnerabilities
- FileZilla Server Buffer Overflow Vulnerability
- Cyrus IMAP Server SIEVE Script Handling Buffer Overflow Vulnerability
- Novell iManager jclient 'EnteredAttrName' Buffer Overflow Vulnerability