Download
| Alert*
|
oval:org.secpod.oval:def:41157
Several vulnerabilities have been found in VLC, the VideoLAN project"s media player. Processing malformed subtitles or movie files could lead to denial of service and potentially the execution of arbitrary code. oval:org.secpod.oval:def:608 The host is installed with VLC Media Player before 1.1.8 and is prone to arbitrary code execution vulnerability. A flaw is present in the application which is caused by a memory corruption error in the "libdirectx" plugin when processing malformed NSV data. Successful exploitation allows remote atta ... oval:org.secpod.oval:def:607 The host is installed with VLC Media Player before 1.1.8 and is prone to arbitrary code execution vulnerability. A flaw is present in the application which is caused due to an error when processing video files with large dimensions. Successful exploitation could allow remote attackers to overflow a ... oval:org.secpod.oval:def:2043 The host is installed with VideoLAN VLC media player 0.5.0 through 1.1.10, and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the AVI_ChunkRead_strf function in libavi.c in the AVI demuxer in the application, which fails to sanitize user supplied input. Successful explo ... oval:org.secpod.oval:def:1981 The host is installed with VideoLAN VLC media player 0.5.0 through 1.1.10, and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the AVI_ChunkRead_strf function in libavi.c in the AVI demuxer in the application, which fails to sanitize user supplied input. Successful explo ... oval:org.secpod.oval:def:30726 The host is installed with VLC Media Player 1.1.9 or earlier and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a malformed AMV file. Successful exploitation allows remote attacker to cause a denial of service (memory corruption) or possibly ... oval:org.secpod.oval:def:126 The host is installed with VideoLAN VLC Media Player before 1.1.7 and is prone to Denial of service vulnerability. A flaw is present in the MKV demuxer plugin in VideoLAN VLC media player, which fails to validate input within the "MKV_IS_ID" macro in modules/demux/mkv/mkv.hpp of the MKV demuxer. Suc ... oval:org.secpod.oval:def:69 The host is installed with VLC media player and is prone to multiple heap-based buffer overflow vulnerabilities. The flaws are present in cdg.c in the CDG decoder in VideoLAN VLC Media Player before 1.1.6, which are caused by array indexing errors in the "DecodeTileBlock()" and "DecodeScroll()" [mod ... oval:org.secpod.oval:def:16868 The host is installed with vlc media player before 1.1.6 and is prone to multiple integer overflow vulnerabilities. The flaws are present in the application, which fails to properly handle a zero i_subpackets value in a Real Media file. Successful exploitation could allow attackers to execute arbitr ... oval:org.mitre.oval:def:12190 The host is installed with VLC Media Player 1.1.3 or below and is prone to an untrusted search path vulnerability in bin/winvlc.c. A flaw is present in the application, which fails to validate user supplied input. Successful exploitation allows attacker to execute arbitrary code and conduct DLL hija ... oval:org.secpod.oval:def:6387 The host is installed with VideoLAN VLC media player before 2.0.2 and is prone to a heap based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted OGG file. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:4835 The host is installed with VideoLAN VLC media player before 2.0.1 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted MMS:// stream. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:4833 The host is installed with VideoLAN VLC media player before 2.0.1 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted MMS:// stream. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:4834 The host is installed with VideoLAN VLC media player before 2.0.1 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted Real RTSP stream. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:4836 The host is installed with VideoLAN VLC media player before 2.0.1 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted Real RTSP stream. Successful exploitation could allow attackers to crash the service. |
