Test ID:	1.3.6.1.4.1.25623.1.0.56412
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DSA-1004-1)
Summary:	The remote host is missing an update for the Debian 'vlc' package(s) announced via the DSA-1004-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'vlc' package(s) announced via the DSA-1004-1 advisory. Vulnerability Insight: Simon Kilvington discovered that specially crafted PNG images can trigger a heap overflow in libavcodec, the multimedia library of ffmpeg, which may lead to the execution of arbitrary code. The vlc media player links statically against libavcodec. The old stable distribution (woody) isn't affected by this problem. For the stable distribution (sarge) this problem has been fixed in version 0.8.1.svn20050314-1sarge1. For the unstable distribution (sid) this problem has been fixed in version 0.8.4.debian-2. We recommend that you upgrade your vlc package. Affected Software/OS: 'vlc' package(s) on Debian 3.1. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-4048 BugTraq ID: 15743 http://www.securityfocus.com/bid/15743 Debian Security Information: DSA-1004 (Google Search) http://www.debian.org/security/2006/dsa-1004 Debian Security Information: DSA-1005 (Google Search) http://www.debian.org/security/2006/dsa-1005 Debian Security Information: DSA-992 (Google Search) http://www.us.debian.org/security/2006/dsa-992 http://www.gentoo.org/security/en/glsa/glsa-200601-06.xml http://www.gentoo.org/security/en/glsa/glsa-200602-01.xml http://www.gentoo.org/security/en/glsa/glsa-200603-03.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:228 http://www.mandriva.com/security/advisories?name=MDKSA-2005:229 http://www.mandriva.com/security/advisories?name=MDKSA-2005:230 http://www.mandriva.com/security/advisories?name=MDKSA-2005:231 http://www.mandriva.com/security/advisories?name=MDKSA-2005:232 http://article.gmane.org/gmane.comp.video.ffmpeg.devel/26558 http://secunia.com/advisories/17892 http://secunia.com/advisories/18066 http://secunia.com/advisories/18087 http://secunia.com/advisories/18107 http://secunia.com/advisories/18400 http://secunia.com/advisories/18739 http://secunia.com/advisories/18746 http://secunia.com/advisories/19114 http://secunia.com/advisories/19192 http://secunia.com/advisories/19272 http://secunia.com/advisories/19279 https://usn.ubuntu.com/230-1/ https://usn.ubuntu.com/230-2/ http://www.vupen.com/english/advisories/2005/2770
Copyright	Copyright (C) 2008 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.