ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2015.0329
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2015-0329)
Resumen:	The remote host is missing an update for the 'vlc' package(s) announced via the MGASA-2015-0329 advisory.
Descripción:	Summary: The remote host is missing an update for the 'vlc' package(s) announced via the MGASA-2015-0329 advisory. Vulnerability Insight: Loren Maggiore of Trail of Bits discovered that the 3GP parser of VLC, a multimedia player and streamer, could dereference an arbitrary pointer due to insufficient restrictions on a writable buffer. This could allow remote attackers to execute arbitrary code via crafted 3GP files (CVE-2015-5949). Affected Software/OS: 'vlc' package(s) on Mageia 4. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-5949 Bugtraq: 20150820 [oCERT-2015-009] VLC arbitrary pointer dereference (Google Search) http://www.securityfocus.com/archive/1/536287/100/0/threaded Debian Security Information: DSA-3342 (Google Search) http://www.debian.org/security/2015/dsa-3342 https://security.gentoo.org/glsa/201603-08 http://packetstormsecurity.com/files/133266/VLC-2.2.1-Arbitrary-Pointer-Dereference.html https://www.ocert.org/advisories/ocert-2015-009.html http://www.openwall.com/lists/oss-security/2015/08/20/8 http://www.openwall.com/lists/oss-security/2015/08/20/3 SuSE Security Announcement: openSUSE-SU-2016:0476 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00040.html
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.