Summary
The host is running VLC Media Player, which is prone to a integer overflow vulnerability.
Impact
Remote exploitation will cause application to crash or allow execution of arbitrary code or deny the service.
Impact Level : Application
Solution
Upgrade to VLC Media Player version 1.0 or later,
For updates refer to http://www.videolan.org/
Insight
The flaw is due to an overflow error when processing TTA data in Open() method in modules/demux/tta.c file.
Affected
VLC Media Player version 0.8.6i and prior on Windows (All).
References
Updated on 2017-03-28
Severity
Classification
-
CVE CVE-2008-3732 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Apple QuickTime Multiple Vulnerabilities - Jan09 (Win)
- Adobe Reader/Acrobat Denial of Service Vulnerability (May09)
- Adobe Reader Denial of Service Vulnerability (May09)
- Adobe Flash Player/Air Multiple DoS Vulnerabilities - Aug09 (Linux)
- Google Chrome Multiple Denial of Service Vulnerabilities - March12 (Windows)