Summary
This host is installed with VLC Media Player and is prone to Memory Corruption Vulnerability.
Impact
Successful exploitation allows attackers to execute arbitrary code by tricking a user into opening a specially crafted XSPF file or even can crash an affected application.
Impact Level: Application
Solution
Upgrade to Version 0.9.3 or later,
http://www.videolan.org/vlc/
Insight
The flaw exists due to VLC (xspf.c) library does not properly perform bounds checking on an identifier tag from an XSPF file before using it to index an array on the heap.
Affected
VLC media player 0.9.2 and prior Linux.
References
Severity
Classification
-
CVE CVE-2008-4558 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities