Test Kennung:	1.3.6.1.4.1.25623.1.0.800113
Kategorie:	Denial of Service
Titel:	VLC Media Player XSPF Playlist Memory Corruption Vulnerability (Linux)
Zusammenfassung:	This host is installed with VLC Media Player and is prone to; Memory Corruption Vulnerability.
Beschreibung:	Summary: This host is installed with VLC Media Player and is prone to Memory Corruption Vulnerability. Vulnerability Insight: The flaw exists due to VLC (xspf.c) library does not properly perform bounds checking on an identifier tag from an XSPF file before using it to index an array on the heap. Vulnerability Impact: Successful exploitation allows attackers to execute arbitrary code by tricking a user into opening a specially crafted XSPF file or even can crash an affected application. Affected Software/OS: VLC media player 0.9.2 and prior Linux. Solution: Upgrade to Version 0.9.3 or later. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	BugTraq ID: 31758 Common Vulnerability Exposure (CVE) ID: CVE-2008-4558 http://www.securityfocus.com/bid/31758 Bugtraq: 20081014 CORE-2008-1010: VLC media player XSPF Memory Corruption (Google Search) http://www.securityfocus.com/archive/1/497354/100/0/threaded http://www.exploit-db.com/exploits/6756 http://www.coresecurity.com/content/vlc-xspf-memory-corruption https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14726 http://secunia.com/advisories/32267 http://www.vupen.com/english/advisories/2008/2826 XForce ISS Database: vlc-parsetracknode-code-execution(45869) https://exchange.xforce.ibmcloud.com/vulnerabilities/45869
Copyright	Copyright (C) 2008 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.