Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2013.0241
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2013-0241)
Zusammenfassung:	The remote host is missing an update for the 'vlc' package(s) announced via the MGASA-2013-0241 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'vlc' package(s) announced via the MGASA-2013-0241 advisory. Vulnerability Insight: 2.0.8 Demux: * sgimb: use after free (fixes #8724 [link moved to references] ) * Improve resistance and checking against malformed MKV files (Check element size before reading it. This should avoid integer overflows inside the libebml causing heap buffer overflow. Since new called by the lib is limited to SIZE_MAX bytes.) Access: * qtsound: fix crash when freeing memory 2.0.7 Input: * Fix memory exhaustion vulnerability when playing specifically crafted playlist files. (stream_ReadLine: correctly return an error on overflow fixes #7361 [link moved to references] ) HTTP Interface: * lua http: Fix two xss vulnerabilities (CVE-2013-3565) Affected Software/OS: 'vlc' package(s) on Mageia 2, Mageia 3. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2013-3565 http://git.videolan.org/gitweb.cgi/vlc.git/?p=vlc.git;a=commitdiff;h=bf02b8dd211d5a52aa301a9a2ff4e73ed8195881 http://lists.opensuse.org/opensuse-updates/2014-03/msg00001.html http://www.videolan.org/developers/vlc-branch/NEWS https://www3.trustwave.com/spiderlabs/advisories/TWSL2013-007.txt
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.