Buffer overflow : VLC Media Player ASS File Buffer Overflow Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.800444

Categoría: Buffer overflow

Título: VLC Media Player ASS File Buffer Overflow Vulnerability - Windows

Resumen: VLC Media Player is prone to Stack-Based Buffer Overflow Vulnerability.

Descripción: Summary:
VLC Media Player is prone to Stack-Based Buffer Overflow Vulnerability.

Vulnerability Insight:
The flaw exists due to stack-based buffer overflow error in Aegisub Advanced
SubStation ('.ass') file handler that fails to perform adequate boundary checks on
user-supplied input.

Vulnerability Impact:
Successful exploitation allows attackers to execute arbitrary code, and can
cause application crash.

Affected Software/OS:
VLC Media Player version 0.8.6 on Windows.

Solution:
Upgrade to VLC Media Player version 1.0.5 or later

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-0364
BugTraq ID: 37832
http://www.securityfocus.com/bid/37832
http://www.exploit-db.com/exploits/11174
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14342
XForce ISS Database: vlcmediaplayer-asas-bo(55717)
https://exchange.xforce.ibmcloud.com/vulnerabilities/55717

Copyright Copyright (C) 2010 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.800444
Categoría:	Buffer overflow
Título:	VLC Media Player ASS File Buffer Overflow Vulnerability - Windows
Resumen:	VLC Media Player is prone to Stack-Based Buffer Overflow Vulnerability.
Descripción:	Summary: VLC Media Player is prone to Stack-Based Buffer Overflow Vulnerability. Vulnerability Insight: The flaw exists due to stack-based buffer overflow error in Aegisub Advanced SubStation ('.ass') file handler that fails to perform adequate boundary checks on user-supplied input. Vulnerability Impact: Successful exploitation allows attackers to execute arbitrary code, and can cause application crash. Affected Software/OS: VLC Media Player version 0.8.6 on Windows. Solution: Upgrade to VLC Media Player version 1.0.5 or later CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0364 BugTraq ID: 37832 http://www.securityfocus.com/bid/37832 http://www.exploit-db.com/exploits/11174 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14342 XForce ISS Database: vlcmediaplayer-asas-bo(55717) https://exchange.xforce.ibmcloud.com/vulnerabilities/55717
Copyright	Copyright (C) 2010 Greenbone AG