Test ID:	1.3.6.1.4.1.25623.1.0.800117
Category:	Denial of Service
Title:	VLC Media Player TY Processing BOF Vulnerability - Linux
Summary:	VLC Media Player is prone to a buffer overflow vulnerability.
Description:	Summary: VLC Media Player is prone to a buffer overflow vulnerability. Vulnerability Insight: The flaw is due to a boundary error while parsing the header of an invalid TY file. Vulnerability Impact: Successful exploitation allows attackers to execute arbitrary code by tricking a user into opening a specially crafted TY file or can even crash an affected application. Affected Software/OS: VLC media player 0.9.0 through 0.9.4 on Linux (Any). Solution: Upgrade to Version 0.9.5. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-4654 BugTraq ID: 31813 http://www.securityfocus.com/bid/31813 Bugtraq: 20081020 [TKADV2008-010] VLC media player TiVo ty Processing Stack Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/497587/100/0/threaded http://www.trapkit.de/advisories/TKADV2008-010.txt http://www.openwall.com/lists/oss-security/2008/10/19/2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14803 http://secunia.com/advisories/32339 http://securityreason.com/securityalert/4460 http://www.vupen.com/english/advisories/2008/2856 XForce ISS Database: vlcmediaplayer-ty-bo(45960) https://exchange.xforce.ibmcloud.com/vulnerabilities/45960 Common Vulnerability Exposure (CVE) ID: CVE-2008-4686 BugTraq ID: 31867 http://www.securityfocus.com/bid/31867 http://www.openwall.com/lists/oss-security/2008/10/22/6 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14630
Copyright	Copyright (C) 2008 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.