Download
| Alert*
oval:org.secpod.oval:def:126
The host is installed with VideoLAN VLC Media Player before 1.1.7 and is prone to Denial of service vulnerability. A flaw is present in the MKV demuxer plugin in VideoLAN VLC media player, which fails to validate input within the "MKV_IS_ID" macro in modules/demux/mkv/mkv.hpp of the MKV demuxer. Suc ... oval:org.secpod.oval:def:600196 Dan Rosenberg discovered that insufficient input validation in VLC"s processing of Matroska/WebM containers could lead to the execution of arbitrary code. oval:org.secpod.oval:def:600227 Ricardo Narvaja discovered that missing input sanitising in VLC, a multimedia player and streamer, could lead to the execution of arbitrary code if a user is tricked into opening a malformed media file. This update also provides updated packages for oldstable for vulnerabilities, which have already ... |