Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.812504
Kategorie:Denial of Service
Titel:VLC Media Player 'MP4 Demux Module' DoS Vulnerability (Windows)
Zusammenfassung:The host is installed with VLC media player; and is prone to a denial of service vulnerability.
Beschreibung:Summary:
The host is installed with VLC media player
and is prone to a denial of service vulnerability.

Vulnerability Insight:
The flaw is due to a type conversion error
in 'modules/demux/mp4/libmp4.c' in the MP4 demux module leading to a invalid
free, because the type of a box may be changed between a read operation and a
free operation.

Vulnerability Impact:
Successful exploitation will allow remote
attackers to cause a denial-of-service condition. Given the nature of this
issue, attackers may also be able to execute arbitrary code, but this has not
been confirmed.

Affected Software/OS:
VideoLAN VLC media player 2.2.8 and prior
on Windows.

Solution:
Update to version 3.0.1 or later

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Querverweis: BugTraq ID: 102214
Common Vulnerability Exposure (CVE) ID: CVE-2017-17670
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.