Summary
This host is installed with VLC Media Player and is prone to Buffer Overflow Vulnerability.
Impact
Successful exploitation allows attackers to execute arbitrary code by tricking a user into opening a specially crafted .rm file to crash an affected application.
Impact Level: Application
Solution
Upgrade to VLC media player 0.9.8
http://www.videolan.org/vlc/
Insight
The flaw is due to a boundary error while parsing ReadRealIndex function in real.c in the Real demuxer plugin.
Affected
VLC media player 0.9.0 through 0.9.7 on Linux (Any).
References
Severity
Classification
-
CVE CVE-2008-5276 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Firefox XSL Parsing Vulnerability (Linux)
- 7T Interactive Graphical SCADA System 'dc.exe' Command Injection Vulnerability
- GoodTech SSH Server SFTP Multiple BOF Vulnerabilities
- BreakPoint Software Hex Workshop Denial of Service vulnerability
- Adobe Reader/Acrobat JavaScript Method Handling Vulnerability (Linux)