Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
Test ID: | 1.3.6.1.4.1.25623.1.0.805427 |
Category: | General |
Title: | VLC Media Player Multiple Vulnerabilities Jan15 (MAC OS X) |
Summary: | The host is installed with VLC Media; player and is prone to multiple vulnerabilities. |
Description: | Summary: The host is installed with VLC Media player and is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - Improper input sanitization by 'picture_Release' function in misc/picture.c. - Improper input sanitization by picture_pool_Delete function in misc/picture_pool.c. Vulnerability Impact: Successful exploitation will allow remote attackers to execute arbitrary code or cause a denial of service. Affected Software/OS: VideoLAN VLC media player 2.1.5 on MAC OS X. Solution: Upgrade to VideoLAN VLC media player version 2.2.0-rc2 or later. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
Cross-Ref: |
BugTraq ID: 72106 BugTraq ID: 72105 Common Vulnerability Exposure (CVE) ID: CVE-2014-9598 http://seclists.org/fulldisclosure/2015/Jan/72 https://security.gentoo.org/glsa/201603-08 http://www.binarysniper.net/2015/01/vlc-media-player-215-memory-corruption.html https://trac.videolan.org/vlc/attachment/ticket/13390/windbglog.txt https://trac.videolan.org/vlc/ticket/13390 Common Vulnerability Exposure (CVE) ID: CVE-2014-9597 https://trac.videolan.org/vlc/attachment/ticket/13389/windbglog.txt https://trac.videolan.org/vlc/ticket/13389 |
Copyright | Copyright (C) 2015 Greenbone Networks GmbH |
This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |