VLC Media Player Real Demuxer File Handling Array Indexing Vulnerabilities (Win) Network Vulnerability

Summary

This host is installed with VLC media player and is prone to array indexing vulnerabilities.

Impact

Successful exploitation will allow the attackers to crash an affected application or compromise a vulnerable system by convincing a user to open a malicious media file or to visit a specially crafted web page. Impact Level: Application.

Solution

Upgrade to VLC version 1.1.6 or apply patch from below link, For updates refer to http://www.videolan.org/vlc/

Insight

This issue is caused by an array indexing error in the 'Close()' and 'DemuxAudioMethod1()' [modules/demux/real.c] functions within the Real demuxer when processing a Real Media file with a zero 'i_subpackets' value.

Affected

VLC Media Player version 1.1.5 and prior.

References

http://www.cs.brown.edu/people/drosenbe/research.html
http://www.videolan.org/security/sa1007.html
http://www.vupen.com/english/advisories/2010/3345

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-3907
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

CursorArts ZipWrangler 'ZIP Processing' Buffer Overflow Vulnerability
DesignWorks Professional '.cct' File BOF Vulnerability
Adobe Reader 'XFDF' File Buffer Overflow Vulnerability (Linux)
Apple QuickTime Multiple Buffer Overflow Vulnerabilities (Windows)
CA ARCserve Backup Multiple Bufffer Overflow Vulnerabilities

Take action and discover your vulnerabilities