9.3 - GLSA-201411-01

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Summary
Title	VLC: Multiple vulnerabilities

Informations
Name	GLSA-201411-01	First vendor Publication	2014-11-05
Vendor	Gentoo	Last vendor Modification	2014-11-05
Severity (Vendor)	Normal	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score	9.3	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Synopsis

Multiple vulnerabilities have been found in VLC, the worst of which could lead to user-assisted execution of arbitrary code.

Background

VLC is a cross-platform media player and streaming server.

Description

Multiple vulnerabilities have been discovered in VLC. Please review the CVE identifiers referenced below for details.

Impact

A remote attacker could entice a user to open a specially crafted media file using VLC, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.

Workaround

There is no known workaround at this time.

Resolution

All VLC users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-video/vlc-2.1.2"

References

[ 1 ] CVE-2010-1441 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1441
[ 2 ] CVE-2010-1442 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1442
[ 3 ] CVE-2010-1443 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1443
[ 4 ] CVE-2010-1444 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1444
[ 5 ] CVE-2010-1445 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1445
[ 6 ] CVE-2010-2062 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2062
[ 7 ] CVE-2010-2937 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2937
[ 8 ] CVE-2010-3124 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3124
[ 9 ] CVE-2010-3275 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3275
[ 10 ] CVE-2010-3276 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3276
[ 11 ] CVE-2010-3907 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3907
[ 12 ] CVE-2011-0021 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0021
[ 13 ] CVE-2011-0522 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0522
[ 14 ] CVE-2011-0531 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0531
[ 15 ] CVE-2011-1087 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1087
[ 16 ] CVE-2011-1684 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1684
[ 17 ] CVE-2011-2194 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2194
[ 18 ] CVE-2011-2587 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2587
[ 19 ] CVE-2011-2588 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2588
[ 20 ] CVE-2011-3623 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3623
[ 21 ] CVE-2012-0023 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0023
[ 22 ] CVE-2012-1775 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1775
[ 23 ] CVE-2012-1776 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1776
[ 24 ] CVE-2012-2396 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2396
[ 25 ] CVE-2012-3377 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3377
[ 26 ] CVE-2012-5470 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5470
[ 27 ] CVE-2012-5855 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5855
[ 28 ] CVE-2013-1868 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1868
[ 29 ] CVE-2013-1954 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1954
[ 30 ] CVE-2013-3245 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3245
[ 31 ] CVE-2013-4388 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4388
[ 32 ] CVE-2013-6283 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6283
[ 33 ] CVE-2013-6934 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6934

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201411-01.xml

Original Source

Url : http://security.gentoo.org/glsa/glsa-201411-01.xml

CWE : Common Weakness Enumeration

%	Id	Name
70 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer
17 %	CWE-189	Numeric Errors (CWE/SANS Top 25)
10 %	CWE-20	Improper Input Validation
3 %	CWE-399	Resource Management Errors

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:11992

Oval ID:	oval:org.mitre.oval:def:11992
Title:	DSA-2211-1 vlc -- missing input sanitising
Description:	Ricardo Narvaja discovered that missing input sanitising in VLC, a multimedia player and streamer, could lead to the execution of arbitrary code if a user is tricked into opening a malformed media file. This update also provides updated packages for oldstable for vulnerabilities, which have already been addressed in Debian stable , either during the freeze or in DSA-2159
Family:	unix	Class:	patch
Reference(s):	DSA-2211-1 CVE-2010-3275 CVE-2010-3276 CVE-2010-0522 CVE-2010-1441 CVE-2010-1442 CVE-2011-0531	Version:	5
Platform(s):	Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0	Product(s):	vlc
Definition Synopsis:
Release section Debian GNU/Linux 5.0 is installed AND Installed architecture is all AND vlc DPKG is earlier than 0.8.6.h-4+lenny3 OR Release section Debian 6.0 is installed AND GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND Installed architecture is all AND vlc DPKG is earlier than 1.1.3-1squeeze4

Definition Id: oval:org.mitre.oval:def:12190

Oval ID:	oval:org.mitre.oval:def:12190
Title:	Untrusted search path vulnerability in bin/winvlc.c in VLC Media Player 1.1.3 and earlier allows DLL hijacking attacks
Description:	Untrusted search path vulnerability in bin/winvlc.c in VLC Media Player 1.1.3 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll that is located in the same folder as a .mp3 file.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-3124	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows XP	Product(s):	VLC media player
Definition Synopsis:
VLC media player is installed AND Check if VLC media player installed is less than or equal to 1.1.3

Definition Id: oval:org.mitre.oval:def:12414

Oval ID:	oval:org.mitre.oval:def:12414
Title:	Heap based memory corruption vulnerability in "StripTags()" function within the USF and Text subtitles decoders in VideoLAN VLC Media Player 1.1 before 1.1.6
Description:	The StripTags function in (1) the USF decoder (modules/codec/subtitles/subsdec.c) and (2) the Text decoder (modules/codec/subtitles/subsusf.c) in VideoLAN VLC Media Player 1.1 before 1.1.6-rc allows remote attackers to execute arbitrary code via a subtitle with an opening "<" without a closing ">" in an MKV file, which triggers heap memory corruption, as demonstrated using refined-australia-blu720p-sample.mkv.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-0522	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP	Product(s):	VLC Media Player
Definition Synopsis:
VLC media player is installed AND Version of VLC Media Player greater than or equal to 1.1.0 and less than 1.1.6

Definition Id: oval:org.mitre.oval:def:12415

Oval ID:	oval:org.mitre.oval:def:12415
Title:	Denial of service vulnerability in the MKV demuxer plugin in VideoLAN VLC media player in VideoLAN VLC Media Player before 1.1.7
Description:	demux/mkv/mkv.hpp in the MKV demuxer plugin in VideoLAN VLC media player 1.1.6.1 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary commands via a crafted MKV (WebM or Matroska) file that triggers memory corruption, related to "class mismatching" and the MKV_IS_ID macro.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-0531	Version:	9
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP	Product(s):	VLC Media Player
Definition Synopsis:
VLC media player is installed AND Check the file libmkv_plugin.dll in plugin directory AND Check if VLC media player version is less than 1.1.7

Definition Id: oval:org.mitre.oval:def:12460

Oval ID:	oval:org.mitre.oval:def:12460
Title:	Multiple heap-based buffer overflow vulnerabilities in VideoLAN VLC Media Player before 1.1.6
Description:	Multiple heap-based buffer overflows in cdg.c in the CDG decoder in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted CDG video.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-0021	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP	Product(s):	VLC Media Player
Definition Synopsis:
VLC media player is installed AND Check if the version of VLC Media Player is less than 1.1.6

Definition Id: oval:org.mitre.oval:def:12718

Oval ID:	oval:org.mitre.oval:def:12718
Title:	DSA-2159-1 vlc -- missing input sanitising
Description:	Dan Rosenberg discovered that insufficient input validation in VLC's processing of Matroska/WebM containers could lead to the execution of arbitrary code.
Family:	unix	Class:	patch
Reference(s):	DSA-2159-1 CVE-2011-0531	Version:	5
Platform(s):	Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0	Product(s):	vlc
Definition Synopsis:
Debian 6.0 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND Installed architecture is all AND vlc DPKG is earlier than 1.1.3-1squeeze3

Definition Id: oval:org.mitre.oval:def:12757

Oval ID:	oval:org.mitre.oval:def:12757
Title:	DSA-2257-1 kolab-cyrus-imapd -- implementation error
Description:	It was discovered that the STARTTLS implementation of the Kolab Cyrus IMAP server does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted IMAP, LMTP, NNTP and POP3 sessions by sending a cleartext command that is processed after TLS is in place.
Family:	unix	Class:	patch
Reference(s):	DSA-2257-1 CVE-2011-2194	Version:	5
Platform(s):	Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0	Product(s):	kolab-cyrus-imapd
Definition Synopsis:
Release section Debian GNU/Linux 5.0 is installed AND Installed architecture is all AND kolab-cyrus-imapd DPKG is earlier than 2.2.13-5+lenny3 OR Release section Debian 6.0 is installed AND GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND Installed architecture is all AND kolab-cyrus-imapd DPKG is earlier than 2.2.13-9.1

Definition Id: oval:org.mitre.oval:def:13950

Oval ID:	oval:org.mitre.oval:def:13950
Title:	Multiple integer overflows in real.c in the Real demuxer plugin in VideoLAN VLC Media Player before 1.1.6
Description:	Multiple integer overflows in real.c in the Real demuxer plugin in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a zero i_subpackets value in a Real Media file, leading to a heap-based buffer overflow.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-3907	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP	Product(s):	VLC Media Player
Definition Synopsis:
VLC media player is installed AND Check if the version of VLC Media Player is less than 1.1.6 AND File libreal_plugin.dll exists in plugin directory

Definition Id: oval:org.mitre.oval:def:14532

Oval ID:	oval:org.mitre.oval:def:14532
Title:	Buffer overflow in VideoLAN VLC media player 1.0.5
Description:	Buffer overflow in VideoLAN VLC media player 1.0.5 allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .mp3 file that is played during bookmark creation.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-1087	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP	Product(s):	VLC Media Player
Definition Synopsis:
VLC media player is installed AND Version of VLC Media Player equal to 1.0.5

Definition Id: oval:org.mitre.oval:def:14676

Oval ID:	oval:org.mitre.oval:def:14676
Title:	Remote denial of service in the TagLib plugin in VideoLAN VLC media player 0.9.0 through 1.1.2
Description:	The ReadMetaFromId3v2 function in taglib.cpp in the TagLib plugin in VideoLAN VLC media player 0.9.0 through 1.1.2 does not properly process ID3v2 tags, which allows remote attackers to cause a denial of service (application crash) via a crafted media file.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-2937	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP	Product(s):	VLC Media Player
Definition Synopsis:
VLC media player is installed AND Version of VLC Media Player greater than or equal to 0.9.0 and less than or equal to 1.1.2

Definition Id: oval:org.mitre.oval:def:14718

Oval ID:	oval:org.mitre.oval:def:14718
Title:	libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an AMV file, related to a "dangling pointer vulnerability."
Description:	libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an AMV file, related to a "dangling pointer vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-3275	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP	Product(s):	VLC Media Player
Definition Synopsis:
VLC media player is installed AND Version of VLC Media Player less than 1.1.8

Definition Id: oval:org.mitre.oval:def:14741

Oval ID:	oval:org.mitre.oval:def:14741
Title:	Heap-based buffer overflow in the MP4_ReadBox_skcr function in libmp4.c in the MP4 demultiplexer in VideoLAN VLC media player
Description:	Heap-based buffer overflow in the MP4_ReadBox_skcr function in libmp4.c in the MP4 demultiplexer in VideoLAN VLC media player 1.x before 1.1.9 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted MP4 file.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-1684	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP	Product(s):	VLC Media Player
Definition Synopsis:
VLC media player is installed AND Version of VLC Media Player greater than or equal to 1.0.0 and less than or equal to 1.1.8 AND File libmp4_plugin.dll exists in plugin directory

Definition Id: oval:org.mitre.oval:def:14774

Oval ID:	oval:org.mitre.oval:def:14774
Title:	Integer overflow in the XSPF playlist parser in VideoLAN VLC media player 0.8.5 through 1.1.9
Description:	Integer overflow in the XSPF playlist parser in VideoLAN VLC media player 0.8.5 through 1.1.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-2194	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP	Product(s):	VLC Media Player
Definition Synopsis:
VLC media player is installed AND Version of VLC Media Player greater than or equal to 0.8.5 and less than or equal to 1.1.8

Definition Id: oval:org.mitre.oval:def:14817

Oval ID:	oval:org.mitre.oval:def:14817
Title:	Multiple heap-based buffer overflows in VideoLAN VLC media player before 2.0.1
Description:	Multiple heap-based buffer overflows in VideoLAN VLC media player before 2.0.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Real RTSP stream.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-1776	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP	Product(s):	VLC Media Player
Definition Synopsis:
VLC media player is installed AND Version of VLC Media Player less than 2.0.1

Definition Id: oval:org.mitre.oval:def:14820

Oval ID:	oval:org.mitre.oval:def:14820
Title:	Stack-based buffer overflow in VideoLAN VLC media player before 2.0.1
Description:	Stack-based buffer overflow in VideoLAN VLC media player before 2.0.1 allows remote attackers to execute arbitrary code via a crafted MMS:// stream.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-1775	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP	Product(s):	VLC Media Player
Definition Synopsis:
VLC media player is installed AND Version of VLC Media Player less than 2.0.1

Definition Id: oval:org.mitre.oval:def:14851

Oval ID:	oval:org.mitre.oval:def:14851
Title:	Heap-based buffer overflow in the DemuxAudioSipr function in real.c in the RealMedia demuxer in VideoLAN VLC media player 1.1.x before 1.1.11
Description:	Heap-based buffer overflow in the DemuxAudioSipr function in real.c in the RealMedia demuxer in VideoLAN VLC media player 1.1.x before 1.1.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Real Media file.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-2587	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP	Product(s):	VLC Media Player
Definition Synopsis:
VLC media player is installed AND Version of VLC Media Player greater than or equal to 1.1.0 and less than 1.1.11

Definition Id: oval:org.mitre.oval:def:14858

Oval ID:	oval:org.mitre.oval:def:14858
Title:	Heap-based buffer overflow in the AVI_ChunkRead_strf function in libavi.c in the AVI demuxer in VideoLAN VLC media player before 1.1.11
Description:	Heap-based buffer overflow in the AVI_ChunkRead_strf function in libavi.c in the AVI demuxer in VideoLAN VLC media player before 1.1.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted AVI media file.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-2588	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP	Product(s):	VLC Media Player
Definition Synopsis:
VLC media player is installed AND Version of VLC Media Player less than 1.1.11

Definition Id: oval:org.mitre.oval:def:14873

Oval ID:	oval:org.mitre.oval:def:14873
Title:	libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an NSV file
Description:	libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an NSV file.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-3276	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP	Product(s):	VLC Media Player
Definition Synopsis:
VLC media player is installed AND Version of VLC Media Player less than 1.1.8

Definition Id: oval:org.mitre.oval:def:15299

Oval ID:	oval:org.mitre.oval:def:15299
Title:	Heap-based buffer overflow in the Ogg_DecodePacket function in the OGG demuxer in VideoLAN VLC media player before 2.0.2
Description:	Heap-based buffer overflow in the Ogg_DecodePacket function in the OGG demuxer (modules/demux/ogg.c) in VideoLAN VLC media player before 2.0.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted OGG file.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-3377	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP	Product(s):	VLC Media Player
Definition Synopsis:
VLC media player is installed AND Version of VLC Media Player less than 2.0.2

Definition Id: oval:org.mitre.oval:def:15540

Oval ID:	oval:org.mitre.oval:def:15540
Title:	Vulnerability in libpng_plugin in VideoLAN VLC media player 2.0.3
Description:	libpng_plugin in VideoLAN VLC media player 2.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted PNG file.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-5470	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP	Product(s):	VLC Media Player
Definition Synopsis:
VLC media player is installed AND Version of VLC Media Player equals 2.0.3

Definition Id: oval:org.mitre.oval:def:15615

Oval ID:	oval:org.mitre.oval:def:15615
Title:	VideoLAN VLC media player 2.0.1 denial of service via a crafted MP4 file.
Description:	VideoLAN VLC media player 2.0.1 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted MP4 file.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-2396	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP	Product(s):	VLC Media Player
Definition Synopsis:
VLC media player is installed AND Version of VLC Media Player equals 2.0.1

Definition Id: oval:org.mitre.oval:def:15893

Oval ID:	oval:org.mitre.oval:def:15893
Title:	Double free vulnerability in the get_chunk_header function in modules/demux/ty.c in VideoLAN VLC media player 0.9.0 through 1.1.12
Description:	Double free vulnerability in the get_chunk_header function in modules/demux/ty.c in VideoLAN VLC media player 0.9.0 through 1.1.12 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TiVo (TY) file.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-0023	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP	Product(s):	VLC Media Player
Definition Synopsis:
VLC media player is installed AND Version of VLC Media Player greater than or equal to 0.9.0 and less than or equal to 1.1.2

Definition Id: oval:org.mitre.oval:def:16781

Oval ID:	oval:org.mitre.oval:def:16781
Title:	The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and earlier might allow user-assisted attackers to cause a denial of service (crash) via a crafted file name that triggers an incorrect string-length calculation when the file is added to VLC
Description:	The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and earlier might allow user-assisted attackers to cause a denial of service (crash) via a crafted file name that triggers an incorrect string-length calculation when the file is added to VLC. NOTE: it is not clear whether this issue crosses privilege boundaries or whether it can be exploited without user interaction.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-5855	Version:	4
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	VLC Media Player
Definition Synopsis:
VLC media player is installed AND Version of VLC Media Player less than or equal to 2.0.4

Definition Id: oval:org.mitre.oval:def:17023

Oval ID:	oval:org.mitre.oval:def:17023
Title:	The ASF Demuxer (modules/demux/asf/asf.c) in VideoLAN VLC media player 2.0.5 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ASF movie that triggers an out-of-bounds read
Description:	The ASF Demuxer (modules/demux/asf/asf.c) in VideoLAN VLC media player 2.0.5 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ASF movie that triggers an out-of-bounds read.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1954	Version:	3
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	VLC Media Player
Definition Synopsis:
VLC media player is installed AND Version of VLC Media Player less than or equal to 2.0.5

Definition Id: oval:org.mitre.oval:def:17226

Oval ID:	oval:org.mitre.oval:def:17226
Title:	Multiple buffer overflows in VideoLAN VLC media player 2.0.4 and earlier via vectors related to the (1) freetype renderer and (2) HTML subtitle parser
Description:	Multiple buffer overflows in VideoLAN VLC media player 2.0.4 and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to the (1) freetype renderer and (2) HTML subtitle parser.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-1868	Version:	3
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	VLC Media Player
Definition Synopsis:
VLC media player is installed AND Version of VLC Media Player less than or equal to 2.0.4

Definition Id: oval:org.mitre.oval:def:18086

Oval ID:	oval:org.mitre.oval:def:18086
Title:	Buffer overflow in the mp4a packetizer (modules/packetizer/mpeg4audio.c) in VideoLAN VLC Media Player before 2.0.8
Description:	Buffer overflow in the mp4a packetizer (modules/packetizer/mpeg4audio.c) in VideoLAN VLC Media Player before 2.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-4388	Version:	8
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	VLC Media Player
Definition Synopsis:
VLC media player is installed AND Version of VLC Media Player less than 2.0.8

Definition Id: oval:org.mitre.oval:def:19318

Oval ID:	oval:org.mitre.oval:def:19318
Title:	VideoLAN VLC Media Player 2.0.8 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a URL in a m3u file
Description:	VideoLAN VLC Media Player 2.0.8 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a URL in a m3u file.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-6283	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	VLC Media Player
Definition Synopsis:
VLC media player is installed AND Version of VLC Media Player less than or equal to 2.0.8

Definition Id: oval:org.mitre.oval:def:23696

Oval ID:	oval:org.mitre.oval:def:23696
Title:	VLC Media Player MKV Parsing Integer Overflow Vulnerability
Description:	DISPUTED plugins/demux/libmkv_plugin.dll in VideoLAN VLC Media Player 2.0.7, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MKV file, possibly involving an integer overflow and out-of-bounds read or heap-based buffer overflow, or an uncaught exception. NOTE: the vendor disputes the severity and claimed vulnerability type of this issue, stating "This PoC crashes VLC, indeed, but does nothing more... this is not an integer overflow error, but an uncaught exception and I doubt that it is exploitable. This uncaught exception makes VLC abort, not execute random code, on my Linux 64bits machine." A PoC posted by the original researcher shows signs of an attacker-controlled out-of-bounds read, but the affected instruction does not involve a register that directly influences control flow.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-3245	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	VLC Media Player
Definition Synopsis:
VLC media player is installed AND Version of VLC Media Player equals 2.0.7

Definition Id: oval:org.mitre.oval:def:24040

Oval ID:	oval:org.mitre.oval:def:24040
Title:	VLC Media Player RTSP Processing "parseRTSPRequestString()" Buffer Overflow Vulnerability
Description:	The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2013.11.26, as used in VideoLAN VLC Media Player, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a space character at the beginning of an RTSP message, which triggers an integer underflow, infinite loop, and buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-6933.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2013-6934	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012	Product(s):	VLC Media Player
Definition Synopsis:
VLC media player is installed AND Version of VLC Media Player is less than 2.1.2 and greater than or equal 2.0.0

Definition Id: oval:org.mitre.oval:def:25069

Oval ID:	oval:org.mitre.oval:def:25069
Title:	DSA-2973-1 -- vlc - security update
Description:	Multiple buffer overflows have been found in the VideoLAN media player. Processing malformed subtitles or movie files could lead to denial of service and potentially the execution of arbitrary code.
Family:	unix	Class:	patch
Reference(s):	DSA-2973-1 CVE-2013-1868 CVE-2013-1954 CVE-2013-4388	Version:	5
Platform(s):	Debian GNU/Linux 7 Debian GNU/kFreeBSD 7	Product(s):	vlc
Definition Synopsis:
Debian 7 Debian 7 is installed AND GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND vlc DPKG is earlier than 0:2.0.3-5+deb7u1

CPE : Common Platform Enumeration

Type	Description	Count
Application	live555 Streaming Media cpe:2.3:a:live555:streaming_media:2013-11-26:::::::*	1
Application	Videolan Vlc Media Player cpe:2.3:a:videolan:vlc_media_player:2.0.9:::::::* cpe:2.3:a:videolan:vlc_media_player:2.0.8:::::::* cpe:2.3:a:videolan:vlc_media_player:2.0.7:::::::* cpe:2.3:a:videolan:vlc_media_player:2.0.6:::::::* cpe:2.3:a:videolan:vlc_media_player:2.0.5:::::::* cpe:2.3:a:videolan:vlc_media_player:2.0.4:::::::* cpe:2.3:a:videolan:vlc_media_player:2.0.3:::::::* cpe:2.3:a:videolan:vlc_media_player:2.0.2:::::::* cpe:2.3:a:videolan:vlc_media_player:2.0.1:::::::* cpe:2.3:a:videolan:vlc_media_player:2.0.0:::::::* cpe:2.3:a:videolan:vlc_media_player:1.1.9:::::::* cpe:2.3:a:videolan:vlc_media_player:1.1.8:::::::* cpe:2.3:a:videolan:vlc_media_player:1.1.7:::::::* cpe:2.3:a:videolan:vlc_media_player:1.1.6.1:::::::* cpe:2.3:a:videolan:vlc_media_player:1.1.6:::::::* cpe:2.3:a:videolan:vlc_media_player:1.1.5:::::::* cpe:2.3:a:videolan:vlc_media_player:1.1.4.1:::::::* cpe:2.3:a:videolan:vlc_media_player:1.1.4:::::::* cpe:2.3:a:videolan:vlc_media_player:1.1.3:::::::* cpe:2.3:a:videolan:vlc_media_player:1.1.2:::::::* cpe:2.3:a:videolan:vlc_media_player:1.1.13:::::::* cpe:2.3:a:videolan:vlc_media_player:1.1.12:::::::* cpe:2.3:a:videolan:vlc_media_player:1.1.11:::::::* cpe:2.3:a:videolan:vlc_media_player:1.1.10.1:::::::* cpe:2.3:a:videolan:vlc_media_player:1.1.10:::::::* cpe:2.3:a:videolan:vlc_media_player:1.1.1:::::::* cpe:2.3:a:videolan:vlc_media_player:1.1.0:::::::* cpe:2.3:a:videolan:vlc_media_player:1.1.0:rc1:::::: cpe:2.3:a:videolan:vlc_media_player:1.0.6:::::::* cpe:2.3:a:videolan:vlc_media_player:1.0.5:::::::* cpe:2.3:a:videolan:vlc_media_player:1.0.4:::::::* cpe:2.3:a:videolan:vlc_media_player:1.0.3:::::::* cpe:2.3:a:videolan:vlc_media_player:1.0.2:::::::* cpe:2.3:a:videolan:vlc_media_player:1.0.1:::::::* cpe:2.3:a:videolan:vlc_media_player:1.0.0:::::::* cpe:2.3:a:videolan:vlc_media_player:0.9.9a:::::::* cpe:2.3:a:videolan:vlc_media_player:0.9.9:::::::* cpe:2.3:a:videolan:vlc_media_player:0.9.8a:::::::* cpe:2.3:a:videolan:vlc_media_player:0.9.8:::::::* cpe:2.3:a:videolan:vlc_media_player:0.9.7:::::::* cpe:2.3:a:videolan:vlc_media_player:0.9.6:::::::* cpe:2.3:a:videolan:vlc_media_player:0.9.5:::::::* cpe:2.3:a:videolan:vlc_media_player:0.9.4:::::::* cpe:2.3:a:videolan:vlc_media_player:0.9.3:::::::* cpe:2.3:a:videolan:vlc_media_player:0.9.2:::::::* cpe:2.3:a:videolan:vlc_media_player:0.9.10:::::::* cpe:2.3:a:videolan:vlc_media_player:0.9.1:::::::* cpe:2.3:a:videolan:vlc_media_player:0.9.0:::::::* cpe:2.3:a:videolan:vlc_media_player:0.9:::::::* cpe:2.3:a:videolan:vlc_media_player:0.8.6i:::::::* cpe:2.3:a:videolan:vlc_media_player:0.8.6h:::::::* cpe:2.3:a:videolan:vlc_media_player:0.8.6g:::::::* cpe:2.3:a:videolan:vlc_media_player:0.8.6f:::::::* cpe:2.3:a:videolan:vlc_media_player:0.8.6e:::::::* cpe:2.3:a:videolan:vlc_media_player:0.8.6d:::::::* cpe:2.3:a:videolan:vlc_media_player:0.8.6c:::::::* cpe:2.3:a:videolan:vlc_media_player:0.8.6b:::::::* cpe:2.3:a:videolan:vlc_media_player:0.8.6a:::::::* cpe:2.3:a:videolan:vlc_media_player:0.8.6:::::::* cpe:2.3:a:videolan:vlc_media_player:0.8.5:::::::* cpe:2.3:a:videolan:vlc_media_player:0.8.5:test3:::::: cpe:2.3:a:videolan:vlc_media_player:0.8.5:test4:::::: cpe:2.3:a:videolan:vlc_media_player:0.8.4a:::::::* cpe:2.3:a:videolan:vlc_media_player:0.8.4:::::::* cpe:2.3:a:videolan:vlc_media_player:0.8.4:test2:::::: cpe:2.3:a:videolan:vlc_media_player:0.8.2:::::::* cpe:2.3:a:videolan:vlc_media_player:0.8.1337:::::::* cpe:2.3:a:videolan:vlc_media_player:0.8.1:::::::* cpe:2.3:a:videolan:vlc_media_player:0.8.0:::::::* cpe:2.3:a:videolan:vlc_media_player:0.7.2:::::::* cpe:2.3:a:videolan:vlc_media_player:0.7.2:test3:::::: cpe:2.3:a:videolan:vlc_media_player:0.7.2:test2:::::: cpe:2.3:a:videolan:vlc_media_player:0.7.1a:::::::* cpe:2.3:a:videolan:vlc_media_player:0.7.1:::::::* cpe:2.3:a:videolan:vlc_media_player:0.7.0:::::::* cpe:2.3:a:videolan:vlc_media_player:0.6.2:::::::* cpe:2.3:a:videolan:vlc_media_player:0.6.1:::::::* cpe:2.3:a:videolan:vlc_media_player:0.6.0:::::::* cpe:2.3:a:videolan:vlc_media_player:0.5.3:::::::* cpe:2.3:a:videolan:vlc_media_player:0.5.2:::::::* cpe:2.3:a:videolan:vlc_media_player:0.5.1a:::::::* cpe:2.3:a:videolan:vlc_media_player:0.5.1:::::::* cpe:2.3:a:videolan:vlc_media_player:0.5.0:::::::* cpe:2.3:a:videolan:vlc_media_player:0.4.6:::::::* cpe:2.3:a:videolan:vlc_media_player:0.4.5:::::::* cpe:2.3:a:videolan:vlc_media_player:0.4.4:::::::* cpe:2.3:a:videolan:vlc_media_player:0.4.3-ac3:::::::* cpe:2.3:a:videolan:vlc_media_player:0.4.3:::::::* cpe:2.3:a:videolan:vlc_media_player:0.4.2:::::::* cpe:2.3:a:videolan:vlc_media_player:0.4.1:::::::* cpe:2.3:a:videolan:vlc_media_player:0.4.0:::::::* cpe:2.3:a:videolan:vlc_media_player:0.3.1:::::::* cpe:2.3:a:videolan:vlc_media_player:0.3.0:::::::* cpe:2.3:a:videolan:vlc_media_player:0.2.92:::::::* cpe:2.3:a:videolan:vlc_media_player:0.2.91:::::::* cpe:2.3:a:videolan:vlc_media_player:0.2.90:::::::* cpe:2.3:a:videolan:vlc_media_player:0.2.83:::::::* cpe:2.3:a:videolan:vlc_media_player:0.2.82:::::::* cpe:2.3:a:videolan:vlc_media_player:0.2.81:::::::* cpe:2.3:a:videolan:vlc_media_player:0.2.80:::::::* cpe:2.3:a:videolan:vlc_media_player:0.2.73:::::::* cpe:2.3:a:videolan:vlc_media_player:0.2.72:::::::* cpe:2.3:a:videolan:vlc_media_player:0.2.71:::::::* cpe:2.3:a:videolan:vlc_media_player:0.2.70:::::::* cpe:2.3:a:videolan:vlc_media_player:0.2.63:::::::* cpe:2.3:a:videolan:vlc_media_player:0.2.62:::::::* cpe:2.3:a:videolan:vlc_media_player:0.2.61:::::::* cpe:2.3:a:videolan:vlc_media_player:0.2.60:::::::* cpe:2.3:a:videolan:vlc_media_player:0.2.50:::::::* cpe:2.3:a:videolan:vlc_media_player:0.2.0:::::::* cpe:2.3:a:videolan:vlc_media_player:0.1.99i:::::::* cpe:2.3:a:videolan:vlc_media_player:0.1.99h:::::::* cpe:2.3:a:videolan:vlc_media_player:0.1.99g:::::::* cpe:2.3:a:videolan:vlc_media_player:0.1.99f:::::::* cpe:2.3:a:videolan:vlc_media_player:0.1.99e:::::::* cpe:2.3:a:videolan:vlc_media_player:0.1.99d:::::::* cpe:2.3:a:videolan:vlc_media_player:0.1.99c:::::::* cpe:2.3:a:videolan:vlc_media_player:0.1.99b:::::::* cpe:2.3:a:videolan:vlc_media_player:0.1.99a:::::::* cpe:2.3:a:videolan:vlc_media_player:::::::: cpe:2.3:a:videolan:vlc_media_player::::::iphone_os::* cpe:2.3:a:videolan:vlc_media_player::::::macos::* cpe:2.3:a:videolan:vlc_media_player:-:::::::*	123

SAINT Exploits

Description	Link
VideoLAN VLC Media Player MKV Demuxer Code Execution	More info here
VideoLAN VLC Media Player MMS URI Stack Overflow	More info here

ExploitDB Exploits

id	Description
2011-03-26	VLC AMV Dangling Pointer Vulnerability

OpenVAS Exploits

Date	Description
2012-11-02	Name : VLC Media Player 'libpng_plugin' Denial of Service Vulnerability (Windows) File : nvt/gb_vlc_media_player_libpng_plugin_dos_vuln_win.nasl
2012-11-02	Name : VLC Media Player 'libpng_plugin' Denial of Service Vulnerability (Mac OS X) File : nvt/gb_vlc_media_player_libpng_plugin_dos_vuln_macosx.nasl
2012-11-02	Name : VLC Media Player TiVo Demuxer Double Free Vulnerability (Windows) File : nvt/gb_vlc_media_player_demuxer_double_free_vuln_win.nasl
2012-11-02	Name : VLC Media Player TiVo Demuxer Double Free Vulnerability (Mac OS X) File : nvt/gb_vlc_media_player_demuxer_double_free_vuln_macosx.nasl
2012-09-15	Name : FreeBSD Ports: vlc File : nvt/freebsd_vlc6.nasl
2012-07-25	Name : VLC Media Player 'MP4' Denial of Service Vulnerability (Mac OS X) File : nvt/gb_vlc_media_player_mp4_dos_vuln_macosx.nasl
2012-07-25	Name : VLC Media Player 'MP4' Denial of Service Vulnerability (Windows) File : nvt/gb_vlc_media_player_mp4_dos_vuln_win.nasl
2012-07-25	Name : VLC Media Player OGG Demuxer Buffer Overflow Vulnerability (Windows) File : nvt/gb_vlc_media_player_ogg_demuxer_bof_vuln_win.nasl
2012-03-21	Name : VLC Media Player Multiple Vulnerabilities - Mar 12 (Windows) File : nvt/gb_vlc_media_player_mult_vuln_mar12_win.nasl
2012-03-21	Name : VLC Media Player Multiple Vulnerabilities - Mar 12 (Linux) File : nvt/gb_vlc_media_player_mult_vuln_mar12_lin.nasl
2012-03-21	Name : VLC Media Player Multiple Vulnerabilities - Mar 12 (MAC OS X) File : nvt/gb_vlc_media_player_mult_vuln_mar12_macosx.nasl
2011-08-03	Name : Debian Security Advisory DSA 2257-1 (vlc) File : nvt/deb_2257_1.nasl
2011-07-29	Name : VLC Media Player '.AVI' File BOF Vulnerability (Linux) File : nvt/secpod_vlc_media_player_avi_bof_vuln_lin.nasl
2011-07-29	Name : VLC Media Player '.AVI' File BOF Vulnerability (Windows) File : nvt/secpod_vlc_media_player_avi_bof_vuln_win.nasl
2011-07-29	Name : VLC Media Player '.RM' File BOF Vulnerability (Linux) File : nvt/secpod_vlc_media_player_rm_bof_vuln_lin.nasl
2011-07-29	Name : VLC Media Player '.RM' File BOF Vulnerability (Windows) File : nvt/secpod_vlc_media_player_rm_bof_vuln_win.nasl
2011-07-01	Name : VLC Media Player XSPF Playlist Integer Overflow Vulnerability (Linux) File : nvt/secpod_vlc_media_player_xspf_int_overflow_vuln_lin.nasl
2011-07-01	Name : VLC Media Player XSPF Playlist Integer Overflow Vulnerability (Windows) File : nvt/secpod_vlc_media_player_xspf_int_overflow_vuln_win.nasl
2011-05-16	Name : VLC Media Player 'MP4_ReadBox_skcr()' Buffer Overflow Vulnerability (Linux) File : nvt/gb_vlc_media_player_mp4_bof_vuln_lin.nasl
2011-05-16	Name : VLC Media Player 'MP4_ReadBox_skcr()' Buffer Overflow Vulnerability (Windows) File : nvt/gb_vlc_media_player_mp4_bof_vuln_win.nasl
2011-05-16	Name : VLC Media Player 'Bookmark Creation' Buffer Overflow Vulnerability (Windows) File : nvt/gb_vlc_media_player_bookmark_bof_vuln_win.nasl
2011-05-16	Name : VLC Media Player 'Bookmark Creation' Buffer Overflow Vulnerability (Linux) File : nvt/gb_vlc_media_player_bookmark_bof_vuln_lin.nasl
2011-05-12	Name : Debian Security Advisory DSA 2211-1 (vlc) File : nvt/deb_2211_1.nasl
2011-05-12	Name : Debian Security Advisory DSA 2218-1 (vlc) File : nvt/deb_2218_1.nasl
2011-05-12	Name : FreeBSD Ports: vlc File : nvt/freebsd_vlc5.nasl
2011-04-01	Name : VLC Media Player AMV and NSV Data Processing Memory Corruption vulnerability ... File : nvt/secpod_vlc_media_player_mem_crptn_vuln_win.nasl
2011-03-07	Name : Debian Security Advisory DSA 2159-1 (vlc) File : nvt/deb_2159_1.nasl
2011-03-05	Name : FreeBSD Ports: vlc File : nvt/freebsd_vlc4.nasl
2011-02-23	Name : VLC Media Player USF and Text Subtitles Decoders BOF Vulnerabilities (Linux) File : nvt/secpod_vlc_media_player_bof_vuln_feb11_lin.nasl
2011-02-23	Name : VLC Media Player USF and Text Subtitles Decoders BOF Vulnerabilities (Windows) File : nvt/secpod_vlc_media_player_bof_vuln_feb11_win.nasl
2011-02-23	Name : VLC Media Player '.mkv' Code Execution Vulnerability (Linux) File : nvt/secpod_vlc_media_player_code_exec_vuln_lin.nasl
2011-02-23	Name : VLC Media Player '.mkv' Code Execution Vulnerability (Windows) File : nvt/secpod_vlc_media_player_code_exec_vuln_win.nasl
2011-01-31	Name : VLC Media Player 'CDG decoder' multiple buffer overflow vulnerabilities (Linux) File : nvt/gb_vlc_media_player_bof_vuln_jan11_lin.nasl
2011-01-31	Name : VLC Media Player 'CDG decoder' multiple buffer overflow vulnerabilities (Wind... File : nvt/gb_vlc_media_player_bof_vuln_jan11_win.nasl
2011-01-08	Name : VLC Media Player Real Demuxer File Handling Array Indexing Vulnerabilities (Win) File : nvt/gb_vlc_media_player_mult_bof_vuln_win.nasl
2010-09-03	Name : VLC Media Player File Opening Insecure Library Loading Vulnerability (Win) File : nvt/gb_vlc_media_player_insecure_lib_load_vuln_win.nasl
2010-08-21	Name : FreeBSD Ports: vlc File : nvt/freebsd_vlc3.nasl
2010-08-19	Name : VLC Media Player Meta-Information Denial of Service Vulnerability (Linux) File : nvt/gb_vlc_media_player_dos_vuln_lin.nasl
2010-08-19	Name : VLC Media Player Meta-Information Denial of Service Vulnerability (Windows) File : nvt/gb_vlc_media_player_dos_vuln_win.nasl
2010-05-04	Name : FreeBSD Ports: vlc File : nvt/freebsd_vlc2.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
77975	VLC Media Player modules/demux/ty.c get_chunk_header() Function Double-free T...
74737	VLC Media Player XSPF Playlist Processing DoS
74736	VLC Media Player ZIP Archive Decompression DoS
74735	VLC Media Player Real Time Messaging Protocol (RTMP) Parsing Overflow
74734	VLC Media Player AVI / ASF / Matroska (MKV) Decoding Unspecified DoS
74733	VLC Media Player A/52 / DTS / MPEG Audio Decoding Overflow
74057	VLC Media Player AVI Demuxer libavi.c AVI_ChunkRead_strf Function Overflow
74056	VLC Media Player RealMedia Demuxer real.c DemuxAudioSipr Function Overflow
73450	VLC Media Player XSPF Playlist Parser Unspecified Overflow
72906	VLC Media Player Text Decoder modules/codec/subtitles/subsusf.c StripTags Fun...
72905	VLC Media Player USF Decoder modules/codec/subtitles/subsdec.c StripTags Func...
71705	VLC Media Player modules/demux/mp4/libmp4.c MP4_ReadBox_skcr() Function Overflow
71278	VLC Media Player libdirectx_plugin.dll NSV File Large Video Dimension Overflow VLC Media Player is prone to an overflow condition. libdirectx_plugin.dll fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted width in an NSV file, a context-dependent attacker can potentially execute arbitrary code.
71277	VLC Media Player libdirectx_plugin.dll AMV File Large Video Dimension Overflow VLC Media Player is prone to an overflow condition. libdirectx_plugin.dll fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted width in an AMV file, a context-dependent attacker can potentially execute arbitrary code.
70698	VLC Media Player MKV Demuxer modules/demux/mkv/mkv.hpp MKV_IS_ID Macro Arbitr... VLC Media Player contains an input validation error within the 'MKV_IS_ID' macro in 'modules/demux/mkv/mkv.hpp' of the MKV demuxer. This may be exploited by a context-dependent attacker with a crafted MKV file to execute arbitrary code.
70656	VLC Media Player CDG Decoder cdg.c Crafted Video File Handling Overflow DoS VLC Media Player is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted CDG video, a context-dependent attacker can cause a denial of service, or possibly execute arbitrary code.
70242	VLC Media Player modules/demux/real.c Array Indexing Error Code Execution VLC Media Player contains a flaw related to an array indexing error within the Real demuxer. The issue is triggered when a context-dependent attacker tricks a users into opening a crafted Real Media file. This may allow an attacker to execute arbitrary code.
67492	VLC Media Player Path Subversion Arbitrary DLL Injection Code Execution VLC Media Player is prone to a flaw in the way it loads dynamic-link libraries (e.g., wintab32.dll). The program uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows an attacker to inject custom code that will be run with the privilege of the program or user executing the program. This can be done by tricking a user into opening a MP3 file from the local file system or a USB drive in some cases. This attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source.
67331	VLC Media Player TagLib Plugin taglib.cpp ReadMetaFromId3v2 Function DoS
62728	VLC Media Player Bookmark Creation Crafted File Handling Memory Corruption VLC media player is vulnerable to a buffer overflow attack when processing .mp3 file and its metadata. It fails to perform boundry checks when creating a bookmark from the malicious media file playing, resulting in a crash, overwriting ECX register. While the evil .mp3 is playing, you go Playback > Bookmarks > Manage bookmarks > Create.

Snort® IPS/IDS

Date	Description
2014-01-10	Microsoft Multiple Products malformed PNG detected tEXt overflow attempt RuleID : 6700 - Revision : 20 - Type : FILE-IMAGE
2019-09-17	VideoLAN VLC Media Player Live555 RTSP plugin stack-based buffer overflow att... RuleID : 51040 - Revision : 1 - Type : FILE-MULTIMEDIA
2015-06-09	VideoLAN VLC Media Player XSPF integer overflow attempt RuleID : 34344 - Revision : 3 - Type : FILE-MULTIMEDIA
2015-06-09	VideoLAN VLC Media Player XSPF integer overflow attempt RuleID : 34343 - Revision : 3 - Type : FILE-MULTIMEDIA
2014-04-17	VideoLAN VLC Media Player Live555 RTSP plugin stack-based buffer overflow att... RuleID : 30215 - Revision : 5 - Type : FILE-MULTIMEDIA
2014-01-10	VideoLAN VLC webm memory corruption attempt RuleID : 24283 - Revision : 5 - Type : FILE-MULTIMEDIA
2014-01-10	VLC mms hostname buffer overflow attempt RuleID : 23577 - Revision : 9 - Type : FILE-OTHER
2014-01-10	VLC mms hostname buffer overflow attempt RuleID : 21922 - Revision : 11 - Type : FILE-OTHER
2014-01-10	VideoLAN VLC webm memory corruption attempt RuleID : 20227 - Revision : 12 - Type : FILE-MULTIMEDIA
2014-01-10	VideoLAN VLC Media Player libdirectx_plugin.dll AMV parsing buffer overflow a... RuleID : 19883 - Revision : 7 - Type : FILE-MULTIMEDIA
2014-01-10	VideoLAN VLC Media Player Subtitle StripTags Heap Buffer Overflow RuleID : 19421 - Revision : 12 - Type : FILE-MULTIMEDIA
2014-01-10	VideoLAN VLC Media Player Subtitle StripTags Heap Buffer Overflow RuleID : 19420 - Revision : 12 - Type : FILE-MULTIMEDIA

Nessus® Vulnerability Scanner

Date	Description
2014-11-06	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201411-01.nasl - Type : ACT_GATHER_INFO
2014-07-09	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2973.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-275.nasl - Type : ACT_GATHER_INFO
2014-02-04	Name : The remote Windows host contains a media player that is affected by a buffer ... File : vlc_2_1_2.nasl - Type : ACT_GATHER_INFO
2013-10-27	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201310-13.nasl - Type : ACT_GATHER_INFO
2013-10-23	Name : The remote Windows host contains a media player that is affected by a buffer ... File : vlc_2_0_9.nasl - Type : ACT_GATHER_INFO
2013-04-25	Name : The remote Windows host contains a media player that is affected by a buffer ... File : vlc_2_0_6.nasl - Type : ACT_GATHER_INFO
2013-04-20	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-131.nasl - Type : ACT_GATHER_INFO
2013-01-04	Name : The remote Windows host contains a media player that is affected by multiple ... File : vlc_2_0_5.nasl - Type : ACT_GATHER_INFO
2012-12-03	Name : The remote Windows host contains a media player that is affected by a code ex... File : vlc_1_1_13.nasl - Type : ACT_GATHER_INFO
2012-09-17	Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_62f36dfdff5611e18821001b2134ef46.nasl - Type : ACT_GATHER_INFO
2012-07-19	Name : The remote Windows host contains a media player that is affected by a buffer ... File : vlc_2_0_2.nasl - Type : ACT_GATHER_INFO
2012-03-21	Name : The remote Windows host contains a media player that is affected by multiple ... File : vlc_2_0_1.nasl - Type : ACT_GATHER_INFO
2011-07-18	Name : The remote Windows host contains a media player that can allow code execution. File : vlc_1_1_11.nasl - Type : ACT_GATHER_INFO
2011-06-10	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2257.nasl - Type : ACT_GATHER_INFO
2011-06-09	Name : The remote Windows host contains a media player that can allow code execution. File : vlc_1_1_10.nasl - Type : ACT_GATHER_INFO
2011-04-13	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2218.nasl - Type : ACT_GATHER_INFO
2011-04-13	Name : The remote Windows host contains a media player that is affected by multiple ... File : vlc_1_1_9.nasl - Type : ACT_GATHER_INFO
2011-04-07	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2211.nasl - Type : ACT_GATHER_INFO
2011-03-25	Name : The remote Windows host contains a media player that is affected by multiple ... File : vlc_1_1_8.nasl - Type : ACT_GATHER_INFO
2011-02-11	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2159.nasl - Type : ACT_GATHER_INFO
2011-02-02	Name : The remote Windows host contains an media player that is affected by a code e... File : vlc_1_1_7.nasl - Type : ACT_GATHER_INFO
2011-01-27	Name : The remote Windows host contains an media player that is affected by multiple... File : vlc_1_1_6.nasl - Type : ACT_GATHER_INFO
2010-08-27	Name : The remote Windows host contains an application that allows arbitrary code ex... File : vlc_1_1_4.nasl - Type : ACT_GATHER_INFO
2010-08-26	Name : The remote Windows host contains an application that suffers from multiple vu... File : vlc_1_0_6.nasl - Type : ACT_GATHER_INFO
2010-08-16	Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_e7d91a3ca7c911df870c00242b513d7c.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-12-27 00:26:27	Multiple Updates
2014-11-07 13:26:28	Multiple Updates
2014-11-06 00:23:05	First insertion

Global Informations

Type	Count
CWE ID(s)	30
Oval ID(s)	30
CPE ID(s)	124
Saint Exploit(s)	2
osvdb(s)	20
ExploitDB Exploit(s)	1
Openvas Exploit(s)	40
Snort® Rule(s)	12
Nessus® Exploit(s)	26

	Related
9.3	CVE-2013-1868
9.3	CVE-2012-1776
9.3	CVE-2012-1775
9.3	CVE-2012-0023
9.3	CVE-2011-2194
9.3	CVE-2011-0531
9.3	CVE-2011-0021
9.3	CVE-2010-3907
9.3	CVE-2010-3276
9.3	CVE-2010-3275
9.3	CVE-2010-3124
7.6	CVE-2011-1087
7.5	CVE-2013-6934
7.5	CVE-2013-6283
7.5	CVE-2011-3623
7.5	CVE-2010-2062
7.5	CVE-2010-1445
7.5	CVE-2010-1444
7.5	CVE-2010-1442
7.5	CVE-2010-1441
6.8	CVE-2013-4388
6.8	CVE-2013-3245
6.8	CVE-2013-1954
6.8	CVE-2012-3377
6.8	CVE-2011-2588
6.8	CVE-2011-2587
6.8	CVE-2011-1684
6.8	CVE-2011-0522
5	CVE-2010-2937
5	CVE-2010-1443
4.3	CVE-2012-5855
4.3	CVE-2012-5470
4.3	CVE-2012-2396
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 33 more Alert(s)