Test Kennung:	1.3.6.1.4.1.25623.1.0.801783
Kategorie:	Buffer overflow
Titel:	VLC Media Player 'MP4_ReadBox_skcr()' Buffer Overflow Vulnerability - Linux
Zusammenfassung:	VLC Media Player is prone to a buffer overflow vulnerability.
Beschreibung:	Summary: VLC Media Player is prone to a buffer overflow vulnerability. Vulnerability Insight: The flaw is caused by a heap corruption error in the 'MP4_ReadBox_skcr()' [modules/demux/mp4/libmp4.c] function when processing malformed MP4 (MPEG-4 Part 14) data. Vulnerability Impact: Successful exploitation could allow attackers to execute arbitrary code by tricking a user into opening a malicious file or visiting a specially crafted web page. Affected Software/OS: VLC media player version prior to 1.1.9 on Linux Solution: Upgrade to the VLC media player version 1.1.9 or later. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1684 BugTraq ID: 47293 http://www.securityfocus.com/bid/47293 Debian Security Information: DSA-2218 (Google Search) http://www.debian.org/security/2011/dsa-2218 http://openwall.com/lists/oss-security/2011/04/11/17 http://openwall.com/lists/oss-security/2011/04/13/14 http://openwall.com/lists/oss-security/2011/04/13/17 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14741 http://securitytracker.com/id?1025373 http://secunia.com/advisories/43890 http://secunia.com/advisories/44022 http://www.vupen.com/english/advisories/2011/0916 http://www.vupen.com/english/advisories/2011/0954 XForce ISS Database: vlcmediaplayer-mp4readboxskcr-bo(66664) https://exchange.xforce.ibmcloud.com/vulnerabilities/66664
Copyright	Copyright (C) 2011 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.