ID de Prueba:	1.3.6.1.4.1.25623.1.0.801565
Categoría:	Buffer overflow
Título:	VLC Media Player Real Demuxer File Handling Array Indexing Vulnerabilities - Windows
Resumen:	VLC media player is prone to array indexing vulnerabilities.
Descripción:	Summary: VLC media player is prone to array indexing vulnerabilities. Vulnerability Insight: This issue is caused by an array indexing error in the 'Close()' and 'DemuxAudioMethod1()' [modules/demux/real.c] functions within the Real demuxer when processing a Real Media file with a zero 'i_subpackets' value. Vulnerability Impact: Successful exploitation will allow the attackers to crash an affected application or compromise a vulnerable system by convincing a user to open a malicious media file or to visit a specially crafted web page. Affected Software/OS: VLC Media Player version 1.1.5 and prior. Solution: Upgrade to VLC version 1.1.6 or apply patch from below link. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3907 BugTraq ID: 45632 http://www.securityfocus.com/bid/45632 http://www.cs.brown.edu/people/drosenbe/research.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13950 http://www.vupen.com/english/advisories/2010/3345 XForce ISS Database: vlcmediaplayer-realdemuxer-code-exec(64461) https://exchange.xforce.ibmcloud.com/vulnerabilities/64461
Copyright	Copyright (C) 2011 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.