The host is installed with VLC Media Player and is prone buffer overflow vulnerability.
Successful exploitation could allow attackers to execute arbitrary code by tricking a user into opening a malicious file or visiting a specially crafted web page. Impact Level: Application
Upgrade to the VLC media player version 1.1.9 or later, For updates refer to http://download.videolan.org/pub/videolan/vlc/
The flaw is caused by a heap corruption error in the 'MP4_ReadBox_skcr()' [modules/demux/mp4/libmp4.c] function when processing malformed MP4 (MPEG-4 Part 14) data.
VLC media player version prior to 1.1.9 on Windows
- VLC Media Player 'MP4_ReadBox_skcr()' Buffer Overflow Vulnerability (Linux)
- Trend Micro OfficeScan URL Filtering Engine Buffer Overflow Vulnerability
- SlySoft Product(s) Code Execution Vulnerability
- Pango Integer Buffer Overflow Vulnerability
- Microsoft Internet Explorer Buffer Overflow Vulnerability - Jul09