VLC Media Player Buffer Overflow Vulnerability (Linux) Network Vulnerability

Summary

This host is installed with VLC Media Player and is prone to Buffer Overflow Vulnerability.

Impact

Successful exploitation allows attackers to execute arbitrary code by tricking a user into opening a specially crafted .rm file to crash an affected application. Impact Level: Application

Solution

Upgrade to VLC media player 0.9.8 http://www.videolan.org/vlc/

Insight

The flaw is due to a boundary error while parsing ReadRealIndex function in real.c in the Real demuxer plugin.

Affected

VLC media player 0.9.0 through 0.9.7 on Linux (Any).

References

http://www.trapkit.de/advisories/TKADV2008-013.txt
http://www.videolan.org/security/sa0811.html
http://www.vupen.com/english/advisories/2008/3287

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-5276
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Firefox XSL Parsing Vulnerability (Linux)
7T Interactive Graphical SCADA System 'dc.exe' Command Injection Vulnerability
GoodTech SSH Server SFTP Multiple BOF Vulnerabilities
BreakPoint Software Hex Workshop Denial of Service vulnerability
Adobe Reader/Acrobat JavaScript Method Handling Vulnerability (Linux)

Take action and discover your vulnerabilities