ID de Prueba:	1.3.6.1.4.1.25623.1.0.800112
Categoría:	Denial of Service
Título:	VLC Media Player XSPF Playlist Memory Corruption Vulnerability - Windows
Resumen:	VLC Media Player is prone to a memory corruption vulnerability.
Descripción:	Summary: VLC Media Player is prone to a memory corruption vulnerability. Vulnerability Insight: The flaw exists due to VLC (xspf.c) library does not properly perform bounds checking on an identifier tag from an XSPF file before using it to index an array on the heap. Vulnerability Impact: Successful exploitation allows attackers to execute arbitrary code by tricking a user into opening a specially crafted XSPF file or even can crash an affected application. Affected Software/OS: VLC media player 0.9.2 and prior Windows (Any). Solution: Upgrade to Version 0.9.3 or later. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-4558 BugTraq ID: 31758 http://www.securityfocus.com/bid/31758 Bugtraq: 20081014 CORE-2008-1010: VLC media player XSPF Memory Corruption (Google Search) http://www.securityfocus.com/archive/1/497354/100/0/threaded http://www.exploit-db.com/exploits/6756 http://www.coresecurity.com/content/vlc-xspf-memory-corruption https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14726 http://secunia.com/advisories/32267 http://www.vupen.com/english/advisories/2008/2826 XForce ISS Database: vlc-parsetracknode-code-execution(45869) https://exchange.xforce.ibmcloud.com/vulnerabilities/45869
Copyright	Copyright (C) 2008 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.