Test Kennung:	1.3.6.1.4.1.25623.1.0.801565
Kategorie:	Buffer overflow
Titel:	VLC Media Player Real Demuxer File Handling Array Indexing Vulnerabilities - Windows
Zusammenfassung:	VLC media player is prone to array indexing vulnerabilities.
Beschreibung:	Summary: VLC media player is prone to array indexing vulnerabilities. Vulnerability Insight: This issue is caused by an array indexing error in the 'Close()' and 'DemuxAudioMethod1()' [modules/demux/real.c] functions within the Real demuxer when processing a Real Media file with a zero 'i_subpackets' value. Vulnerability Impact: Successful exploitation will allow the attackers to crash an affected application or compromise a vulnerable system by convincing a user to open a malicious media file or to visit a specially crafted web page. Affected Software/OS: VLC Media Player version 1.1.5 and prior. Solution: Upgrade to VLC version 1.1.6 or apply patch from below link. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3907 BugTraq ID: 45632 http://www.securityfocus.com/bid/45632 http://www.cs.brown.edu/people/drosenbe/research.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13950 http://www.vupen.com/english/advisories/2010/3345 XForce ISS Database: vlcmediaplayer-realdemuxer-code-exec(64461) https://exchange.xforce.ibmcloud.com/vulnerabilities/64461
Copyright	Copyright (C) 2011 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.