VLC Media Player Multiple Vulnerabilities - July 13 (MAC OS X) Network Vulnerability

Summary

This host is installed with VLC Media Player and is prone to multiple vulnerabilities.

Impact

Successful exploitation will allow attackers to overflow buffer, cause denial of service or potentially execution of arbitrary code.

Solution

Upgrade to VLC media player version 2.0.5 or later, For updates refer to http://www.videolan.org/vlc

Insight

Multiple flaws due to, - Error in 'SHAddToRecentDocs()' function. - Error due to improper validation of user supplied inputs when handling HTML subtitle files.

Affected

VLC media player version 2.0.4 and prior on MAC OS X

Detection

Get the installed version with the help of detect NVT and check the version is vulnerable or not.

References

http://osvdb.org/88077
http://osvdb.org/88813
http://www.videolan.org/news.html
http://xforce.iss.net/xforce/xfdb/79823

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-5855, CVE-2013-1868
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Acrobat and Reader Multiple Vulnerabilities -July10 (Windows)
Adobe Acrobat Multiple Vulnerabilities-01 Sep14 (Windows)
Adobe AIR Multiple Vulnerabilities-01 Jan15 (Windows)
Adobe AIR Multiple Vulnerabilities(APSB14-24)-(Windows)
Adobe AIR Multiple Vulnerabilities -01 Feb13 (Windows)

Take action and discover your vulnerabilities