VLC Media Player Multiple Vulnerabilities - Mar 12 (Linux) Network Vulnerability

Summary

This host is installed with VLC Media Player and is prone to multiple vulnerabilities.

Impact

Successful exploitation could allow attackers to cause a denial of service or possibly execute arbitrary code via crafted streams. Impact Level: System/Application

Solution

Upgrade to VLC media player version 2.0.1 or later For updates refer to http://www.videolan.org/vlc/

Insight

The flaws are due to multiple buffer overflow errors in the application, which allows remote attackers to execute arbitrary code via crafted MMS:// stream and Real RTSP streams.

Affected

VLC media player version prior to 2.0.1 on Linux

References

http://www.videolan.org/security/sa1201.html
http://www.videolan.org/security/sa1202.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-1775, CVE-2012-1776
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Acrobat Out-of-bounds Vulnerability Feb15 (Mac OS X)
Adobe Dreamweaver Insecure Library Loading Vulnerability
Adobe Flash Player Buffer Overflow Vulnerability - Apr14 (Linux)
Adobe Air and Flash Player Multiple Vulnerabilities August-2011 (Windows)
Adobe Acrobat Multiple Vulnerabilities -01 Jan 13 (Windows)

Take action and discover your vulnerabilities