Denial of Service : VLC Media Player TY Processing Buffer Overflow Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.800116

Categoría: Denial of Service

Título: VLC Media Player TY Processing Buffer Overflow Vulnerability - Windows

Resumen: VLC Media Player is prone to a buffer overflow vulnerability.

Descripción: Summary:
VLC Media Player is prone to a buffer overflow vulnerability.

Vulnerability Insight:
The flaw is due to a boundary error while parsing the header of an
invalid TY file.

Vulnerability Impact:
Successful exploitation allows attackers to execute arbitrary code
by tricking a user into opening a specially crafted TY file or can even crash an affected application.

Affected Software/OS:
VLC media player 0.9.0 through 0.9.4 on Windows (Any).

Solution:
Update to Version 0.9.5 or later.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-4654
BugTraq ID: 31813
http://www.securityfocus.com/bid/31813
Bugtraq: 20081020 [TKADV2008-010] VLC media player TiVo ty Processing Stack Overflow Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/497587/100/0/threaded
http://www.trapkit.de/advisories/TKADV2008-010.txt
http://www.openwall.com/lists/oss-security/2008/10/19/2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14803
http://secunia.com/advisories/32339
http://securityreason.com/securityalert/4460
http://www.vupen.com/english/advisories/2008/2856
XForce ISS Database: vlcmediaplayer-ty-bo(45960)
https://exchange.xforce.ibmcloud.com/vulnerabilities/45960
Common Vulnerability Exposure (CVE) ID: CVE-2008-4686
BugTraq ID: 31867
http://www.securityfocus.com/bid/31867
http://www.openwall.com/lists/oss-security/2008/10/22/6
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14630

Copyright Copyright (C) 2008 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.800116
Categoría:	Denial of Service
Título:	VLC Media Player TY Processing Buffer Overflow Vulnerability - Windows
Resumen:	VLC Media Player is prone to a buffer overflow vulnerability.
Descripción:	Summary: VLC Media Player is prone to a buffer overflow vulnerability. Vulnerability Insight: The flaw is due to a boundary error while parsing the header of an invalid TY file. Vulnerability Impact: Successful exploitation allows attackers to execute arbitrary code by tricking a user into opening a specially crafted TY file or can even crash an affected application. Affected Software/OS: VLC media player 0.9.0 through 0.9.4 on Windows (Any). Solution: Update to Version 0.9.5 or later. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-4654 BugTraq ID: 31813 http://www.securityfocus.com/bid/31813 Bugtraq: 20081020 [TKADV2008-010] VLC media player TiVo ty Processing Stack Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/497587/100/0/threaded http://www.trapkit.de/advisories/TKADV2008-010.txt http://www.openwall.com/lists/oss-security/2008/10/19/2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14803 http://secunia.com/advisories/32339 http://securityreason.com/securityalert/4460 http://www.vupen.com/english/advisories/2008/2856 XForce ISS Database: vlcmediaplayer-ty-bo(45960) https://exchange.xforce.ibmcloud.com/vulnerabilities/45960 Common Vulnerability Exposure (CVE) ID: CVE-2008-4686 BugTraq ID: 31867 http://www.securityfocus.com/bid/31867 http://www.openwall.com/lists/oss-security/2008/10/22/6 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14630
Copyright	Copyright (C) 2008 Greenbone AG