General : VLC Media Player Multiple Vulnerabilities Jun19 (Windows)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.815204

Categoría: General

Título: VLC Media Player Multiple Vulnerabilities Jun19 (Windows)

Resumen: VLC media player is prone to multiple vulnerabilities.

Descripción: Summary:
VLC media player is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws exist due to:

- An out of bounds write error in faad2 library.

- Multiple out-of-band read errors.

- Multiple heap overflow errors.

- A NULL pointer dereference error.

- Multiple use-after-free issues.

- An integer underflow error.

- Multiple integer overflow errors.

- A division by zero error.

- A floating point exception error.

- An infinite loop error.

Vulnerability Impact:
Successful exploitation will allow attackers
to execute arbitrary code in the context of the affected application, cause
denial of service or launch other attacks.

Affected Software/OS:
VideoLAN VLC media player version before 3.0.7 on Windows.

Solution:
Upgrade to version 3.0.7 or later. Please see the
references for more information.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2019-5439
BugTraq ID: 108769
http://www.securityfocus.com/bid/108769
https://security.gentoo.org/glsa/201908-23
https://hackerone.com/reports/484398
SuSE Security Announcement: openSUSE-SU-2019:1840 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00005.html
SuSE Security Announcement: openSUSE-SU-2019:1897 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00037.html
SuSE Security Announcement: openSUSE-SU-2019:1909 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00040.html
SuSE Security Announcement: openSUSE-SU-2019:2015 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00081.html
https://usn.ubuntu.com/4074-1/

Copyright Copyright (C) 2019 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.815204
Categoría:	General
Título:	VLC Media Player Multiple Vulnerabilities Jun19 (Windows)
Resumen:	VLC media player is prone to multiple vulnerabilities.
Descripción:	Summary: VLC media player is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - An out of bounds write error in faad2 library. - Multiple out-of-band read errors. - Multiple heap overflow errors. - A NULL pointer dereference error. - Multiple use-after-free issues. - An integer underflow error. - Multiple integer overflow errors. - A division by zero error. - A floating point exception error. - An infinite loop error. Vulnerability Impact: Successful exploitation will allow attackers to execute arbitrary code in the context of the affected application, cause denial of service or launch other attacks. Affected Software/OS: VideoLAN VLC media player version before 3.0.7 on Windows. Solution: Upgrade to version 3.0.7 or later. Please see the references for more information. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-5439 BugTraq ID: 108769 http://www.securityfocus.com/bid/108769 https://security.gentoo.org/glsa/201908-23 https://hackerone.com/reports/484398 SuSE Security Announcement: openSUSE-SU-2019:1840 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00005.html SuSE Security Announcement: openSUSE-SU-2019:1897 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00037.html SuSE Security Announcement: openSUSE-SU-2019:1909 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00040.html SuSE Security Announcement: openSUSE-SU-2019:2015 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00081.html https://usn.ubuntu.com/4074-1/
Copyright	Copyright (C) 2019 Greenbone Networks GmbH