|Category:||Denial of Service|
|Title:||VLC Media Player XSPF Playlist Memory Corruption Vulnerability (Win)|
|Summary:||Check for the Version of VLC Media Player|
Overview: This host is installed with VLC Media Player and is prone to
Memory Corruption Vulnerability.
The flaw exists due to VLC (xspf.c) library does not properly perform bounds
checking on an identifier tag from an XSPF file before using it to index an
array on the heap.
Impact: Successful exploitation allows attackers to execute arbitrary code by
tricking a user into opening a specially crafted XSPF file or even can crash
an affected application.
Impact Level: Application
VLC media player 0.9.2 and prior Windows (Any).
Fix: Upgrade to Version 0.9.3 or later,
BugTraq ID: 31758|
Common Vulnerability Exposure (CVE) ID: CVE-2008-4558
Bugtraq: 20081014 CORE-2008-1010: VLC media player XSPF Memory Corruption (Google Search)
XForce ISS Database: vlc-parsetracknode-code-execution(45869)
|Copyright||Copyright (C) 2008 Greenbone Networks GmbH|
|This is only one of 40246 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.