Executive Summary
Summary | |
---|---|
Title | VLC: Multiple vulnerabilities |
Informations | |||
---|---|---|---|
Name | GLSA-201411-01 | First vendor Publication | 2014-11-05 |
Vendor | Gentoo | Last vendor Modification | 2014-11-05 |
Severity (Vendor) | Normal | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Synopsis Multiple vulnerabilities have been found in VLC, the worst of which could lead to user-assisted execution of arbitrary code. Background Description Impact Workaround Resolution References Availability http://security.gentoo.org/glsa/glsa-201411-01.xml |
Original Source
Url : http://security.gentoo.org/glsa/glsa-201411-01.xml |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
70 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
17 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
10 % | CWE-20 | Improper Input Validation |
3 % | CWE-399 | Resource Management Errors |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11992 | |||
Oval ID: | oval:org.mitre.oval:def:11992 | ||
Title: | DSA-2211-1 vlc -- missing input sanitising | ||
Description: | Ricardo Narvaja discovered that missing input sanitising in VLC, a multimedia player and streamer, could lead to the execution of arbitrary code if a user is tricked into opening a malformed media file. This update also provides updated packages for oldstable for vulnerabilities, which have already been addressed in Debian stable , either during the freeze or in DSA-2159 | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2211-1 CVE-2010-3275 CVE-2010-3276 CVE-2010-0522 CVE-2010-1441 CVE-2010-1442 CVE-2011-0531 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | vlc |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12190 | |||
Oval ID: | oval:org.mitre.oval:def:12190 | ||
Title: | Untrusted search path vulnerability in bin/winvlc.c in VLC Media Player 1.1.3 and earlier allows DLL hijacking attacks | ||
Description: | Untrusted search path vulnerability in bin/winvlc.c in VLC Media Player 1.1.3 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.dll that is located in the same folder as a .mp3 file. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3124 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows XP | Product(s): | VLC media player |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12414 | |||
Oval ID: | oval:org.mitre.oval:def:12414 | ||
Title: | Heap based memory corruption vulnerability in "StripTags()" function within the USF and Text subtitles decoders in VideoLAN VLC Media Player 1.1 before 1.1.6 | ||
Description: | The StripTags function in (1) the USF decoder (modules/codec/subtitles/subsdec.c) and (2) the Text decoder (modules/codec/subtitles/subsusf.c) in VideoLAN VLC Media Player 1.1 before 1.1.6-rc allows remote attackers to execute arbitrary code via a subtitle with an opening "<" without a closing ">" in an MKV file, which triggers heap memory corruption, as demonstrated using refined-australia-blu720p-sample.mkv. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0522 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | VLC Media Player |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12415 | |||
Oval ID: | oval:org.mitre.oval:def:12415 | ||
Title: | Denial of service vulnerability in the MKV demuxer plugin in VideoLAN VLC media player in VideoLAN VLC Media Player before 1.1.7 | ||
Description: | demux/mkv/mkv.hpp in the MKV demuxer plugin in VideoLAN VLC media player 1.1.6.1 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary commands via a crafted MKV (WebM or Matroska) file that triggers memory corruption, related to "class mismatching" and the MKV_IS_ID macro. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0531 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | VLC Media Player |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12460 | |||
Oval ID: | oval:org.mitre.oval:def:12460 | ||
Title: | Multiple heap-based buffer overflow vulnerabilities in VideoLAN VLC Media Player before 1.1.6 | ||
Description: | Multiple heap-based buffer overflows in cdg.c in the CDG decoder in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted CDG video. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0021 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP | Product(s): | VLC Media Player |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12718 | |||
Oval ID: | oval:org.mitre.oval:def:12718 | ||
Title: | DSA-2159-1 vlc -- missing input sanitising | ||
Description: | Dan Rosenberg discovered that insufficient input validation in VLC's processing of Matroska/WebM containers could lead to the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2159-1 CVE-2011-0531 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | vlc |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:12757 | |||
Oval ID: | oval:org.mitre.oval:def:12757 | ||
Title: | DSA-2257-1 kolab-cyrus-imapd -- implementation error | ||
Description: | It was discovered that the STARTTLS implementation of the Kolab Cyrus IMAP server does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted IMAP, LMTP, NNTP and POP3 sessions by sending a cleartext command that is processed after TLS is in place. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2257-1 CVE-2011-2194 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | kolab-cyrus-imapd |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13950 | |||
Oval ID: | oval:org.mitre.oval:def:13950 | ||
Title: | Multiple integer overflows in real.c in the Real demuxer plugin in VideoLAN VLC Media Player before 1.1.6 | ||
Description: | Multiple integer overflows in real.c in the Real demuxer plugin in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a zero i_subpackets value in a Real Media file, leading to a heap-based buffer overflow. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3907 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | VLC Media Player |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14532 | |||
Oval ID: | oval:org.mitre.oval:def:14532 | ||
Title: | Buffer overflow in VideoLAN VLC media player 1.0.5 | ||
Description: | Buffer overflow in VideoLAN VLC media player 1.0.5 allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .mp3 file that is played during bookmark creation. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1087 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | VLC Media Player |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14676 | |||
Oval ID: | oval:org.mitre.oval:def:14676 | ||
Title: | Remote denial of service in the TagLib plugin in VideoLAN VLC media player 0.9.0 through 1.1.2 | ||
Description: | The ReadMetaFromId3v2 function in taglib.cpp in the TagLib plugin in VideoLAN VLC media player 0.9.0 through 1.1.2 does not properly process ID3v2 tags, which allows remote attackers to cause a denial of service (application crash) via a crafted media file. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-2937 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | VLC Media Player |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14718 | |||
Oval ID: | oval:org.mitre.oval:def:14718 | ||
Title: | libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an AMV file, related to a "dangling pointer vulnerability." | ||
Description: | libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an AMV file, related to a "dangling pointer vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3275 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | VLC Media Player |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14741 | |||
Oval ID: | oval:org.mitre.oval:def:14741 | ||
Title: | Heap-based buffer overflow in the MP4_ReadBox_skcr function in libmp4.c in the MP4 demultiplexer in VideoLAN VLC media player | ||
Description: | Heap-based buffer overflow in the MP4_ReadBox_skcr function in libmp4.c in the MP4 demultiplexer in VideoLAN VLC media player 1.x before 1.1.9 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted MP4 file. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-1684 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | VLC Media Player |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14774 | |||
Oval ID: | oval:org.mitre.oval:def:14774 | ||
Title: | Integer overflow in the XSPF playlist parser in VideoLAN VLC media player 0.8.5 through 1.1.9 | ||
Description: | Integer overflow in the XSPF playlist parser in VideoLAN VLC media player 0.8.5 through 1.1.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-2194 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | VLC Media Player |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14817 | |||
Oval ID: | oval:org.mitre.oval:def:14817 | ||
Title: | Multiple heap-based buffer overflows in VideoLAN VLC media player before 2.0.1 | ||
Description: | Multiple heap-based buffer overflows in VideoLAN VLC media player before 2.0.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Real RTSP stream. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1776 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | VLC Media Player |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14820 | |||
Oval ID: | oval:org.mitre.oval:def:14820 | ||
Title: | Stack-based buffer overflow in VideoLAN VLC media player before 2.0.1 | ||
Description: | Stack-based buffer overflow in VideoLAN VLC media player before 2.0.1 allows remote attackers to execute arbitrary code via a crafted MMS:// stream. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1775 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | VLC Media Player |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14851 | |||
Oval ID: | oval:org.mitre.oval:def:14851 | ||
Title: | Heap-based buffer overflow in the DemuxAudioSipr function in real.c in the RealMedia demuxer in VideoLAN VLC media player 1.1.x before 1.1.11 | ||
Description: | Heap-based buffer overflow in the DemuxAudioSipr function in real.c in the RealMedia demuxer in VideoLAN VLC media player 1.1.x before 1.1.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Real Media file. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-2587 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | VLC Media Player |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14858 | |||
Oval ID: | oval:org.mitre.oval:def:14858 | ||
Title: | Heap-based buffer overflow in the AVI_ChunkRead_strf function in libavi.c in the AVI demuxer in VideoLAN VLC media player before 1.1.11 | ||
Description: | Heap-based buffer overflow in the AVI_ChunkRead_strf function in libavi.c in the AVI demuxer in VideoLAN VLC media player before 1.1.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted AVI media file. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-2588 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | VLC Media Player |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:14873 | |||
Oval ID: | oval:org.mitre.oval:def:14873 | ||
Title: | libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an NSV file | ||
Description: | libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an NSV file. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2010-3276 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | VLC Media Player |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:15299 | |||
Oval ID: | oval:org.mitre.oval:def:15299 | ||
Title: | Heap-based buffer overflow in the Ogg_DecodePacket function in the OGG demuxer in VideoLAN VLC media player before 2.0.2 | ||
Description: | Heap-based buffer overflow in the Ogg_DecodePacket function in the OGG demuxer (modules/demux/ogg.c) in VideoLAN VLC media player before 2.0.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted OGG file. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-3377 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | VLC Media Player |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:15540 | |||
Oval ID: | oval:org.mitre.oval:def:15540 | ||
Title: | Vulnerability in libpng_plugin in VideoLAN VLC media player 2.0.3 | ||
Description: | libpng_plugin in VideoLAN VLC media player 2.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted PNG file. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5470 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | VLC Media Player |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:15615 | |||
Oval ID: | oval:org.mitre.oval:def:15615 | ||
Title: | VideoLAN VLC media player 2.0.1 denial of service via a crafted MP4 file. | ||
Description: | VideoLAN VLC media player 2.0.1 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted MP4 file. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-2396 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | VLC Media Player |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:15893 | |||
Oval ID: | oval:org.mitre.oval:def:15893 | ||
Title: | Double free vulnerability in the get_chunk_header function in modules/demux/ty.c in VideoLAN VLC media player 0.9.0 through 1.1.12 | ||
Description: | Double free vulnerability in the get_chunk_header function in modules/demux/ty.c in VideoLAN VLC media player 0.9.0 through 1.1.12 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TiVo (TY) file. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-0023 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | VLC Media Player |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16781 | |||
Oval ID: | oval:org.mitre.oval:def:16781 | ||
Title: | The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and earlier might allow user-assisted attackers to cause a denial of service (crash) via a crafted file name that triggers an incorrect string-length calculation when the file is added to VLC | ||
Description: | The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and earlier might allow user-assisted attackers to cause a denial of service (crash) via a crafted file name that triggers an incorrect string-length calculation when the file is added to VLC. NOTE: it is not clear whether this issue crosses privilege boundaries or whether it can be exploited without user interaction. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5855 | Version: | 4 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | VLC Media Player |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:17023 | |||
Oval ID: | oval:org.mitre.oval:def:17023 | ||
Title: | The ASF Demuxer (modules/demux/asf/asf.c) in VideoLAN VLC media player 2.0.5 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ASF movie that triggers an out-of-bounds read | ||
Description: | The ASF Demuxer (modules/demux/asf/asf.c) in VideoLAN VLC media player 2.0.5 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ASF movie that triggers an out-of-bounds read. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1954 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | VLC Media Player |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:17226 | |||
Oval ID: | oval:org.mitre.oval:def:17226 | ||
Title: | Multiple buffer overflows in VideoLAN VLC media player 2.0.4 and earlier via vectors related to the (1) freetype renderer and (2) HTML subtitle parser | ||
Description: | Multiple buffer overflows in VideoLAN VLC media player 2.0.4 and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to the (1) freetype renderer and (2) HTML subtitle parser. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1868 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | VLC Media Player |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:18086 | |||
Oval ID: | oval:org.mitre.oval:def:18086 | ||
Title: | Buffer overflow in the mp4a packetizer (modules/packetizer/mpeg4audio.c) in VideoLAN VLC Media Player before 2.0.8 | ||
Description: | Buffer overflow in the mp4a packetizer (modules/packetizer/mpeg4audio.c) in VideoLAN VLC Media Player before 2.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-4388 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | VLC Media Player |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:19318 | |||
Oval ID: | oval:org.mitre.oval:def:19318 | ||
Title: | VideoLAN VLC Media Player 2.0.8 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a URL in a m3u file | ||
Description: | VideoLAN VLC Media Player 2.0.8 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a URL in a m3u file. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-6283 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | VLC Media Player |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23696 | |||
Oval ID: | oval:org.mitre.oval:def:23696 | ||
Title: | VLC Media Player MKV Parsing Integer Overflow Vulnerability | ||
Description: | ** DISPUTED ** plugins/demux/libmkv_plugin.dll in VideoLAN VLC Media Player 2.0.7, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MKV file, possibly involving an integer overflow and out-of-bounds read or heap-based buffer overflow, or an uncaught exception. NOTE: the vendor disputes the severity and claimed vulnerability type of this issue, stating "This PoC crashes VLC, indeed, but does nothing more... this is not an integer overflow error, but an uncaught exception and I doubt that it is exploitable. This uncaught exception makes VLC abort, not execute random code, on my Linux 64bits machine." A PoC posted by the original researcher shows signs of an attacker-controlled out-of-bounds read, but the affected instruction does not involve a register that directly influences control flow. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-3245 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | VLC Media Player |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24040 | |||
Oval ID: | oval:org.mitre.oval:def:24040 | ||
Title: | VLC Media Player RTSP Processing "parseRTSPRequestString()" Buffer Overflow Vulnerability | ||
Description: | The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2013.11.26, as used in VideoLAN VLC Media Player, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a space character at the beginning of an RTSP message, which triggers an integer underflow, infinite loop, and buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-6933. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-6934 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | VLC Media Player |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:25069 | |||
Oval ID: | oval:org.mitre.oval:def:25069 | ||
Title: | DSA-2973-1 -- vlc - security update | ||
Description: | Multiple buffer overflows have been found in the VideoLAN media player. Processing malformed subtitles or movie files could lead to denial of service and potentially the execution of arbitrary code. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2973-1 CVE-2013-1868 CVE-2013-1954 CVE-2013-4388 | Version: | 5 |
Platform(s): | Debian GNU/Linux 7 Debian GNU/kFreeBSD 7 | Product(s): | vlc |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
SAINT Exploits
Description | Link |
---|---|
VideoLAN VLC Media Player MKV Demuxer Code Execution | More info here |
VideoLAN VLC Media Player MMS URI Stack Overflow | More info here |
ExploitDB Exploits
id | Description |
---|---|
2011-03-26 | VLC AMV Dangling Pointer Vulnerability |
OpenVAS Exploits
Date | Description |
---|---|
2012-11-02 | Name : VLC Media Player 'libpng_plugin' Denial of Service Vulnerability (Windows) File : nvt/gb_vlc_media_player_libpng_plugin_dos_vuln_win.nasl |
2012-11-02 | Name : VLC Media Player 'libpng_plugin' Denial of Service Vulnerability (Mac OS X) File : nvt/gb_vlc_media_player_libpng_plugin_dos_vuln_macosx.nasl |
2012-11-02 | Name : VLC Media Player TiVo Demuxer Double Free Vulnerability (Windows) File : nvt/gb_vlc_media_player_demuxer_double_free_vuln_win.nasl |
2012-11-02 | Name : VLC Media Player TiVo Demuxer Double Free Vulnerability (Mac OS X) File : nvt/gb_vlc_media_player_demuxer_double_free_vuln_macosx.nasl |
2012-09-15 | Name : FreeBSD Ports: vlc File : nvt/freebsd_vlc6.nasl |
2012-07-25 | Name : VLC Media Player 'MP4' Denial of Service Vulnerability (Mac OS X) File : nvt/gb_vlc_media_player_mp4_dos_vuln_macosx.nasl |
2012-07-25 | Name : VLC Media Player 'MP4' Denial of Service Vulnerability (Windows) File : nvt/gb_vlc_media_player_mp4_dos_vuln_win.nasl |
2012-07-25 | Name : VLC Media Player OGG Demuxer Buffer Overflow Vulnerability (Windows) File : nvt/gb_vlc_media_player_ogg_demuxer_bof_vuln_win.nasl |
2012-03-21 | Name : VLC Media Player Multiple Vulnerabilities - Mar 12 (Windows) File : nvt/gb_vlc_media_player_mult_vuln_mar12_win.nasl |
2012-03-21 | Name : VLC Media Player Multiple Vulnerabilities - Mar 12 (Linux) File : nvt/gb_vlc_media_player_mult_vuln_mar12_lin.nasl |
2012-03-21 | Name : VLC Media Player Multiple Vulnerabilities - Mar 12 (MAC OS X) File : nvt/gb_vlc_media_player_mult_vuln_mar12_macosx.nasl |
2011-08-03 | Name : Debian Security Advisory DSA 2257-1 (vlc) File : nvt/deb_2257_1.nasl |
2011-07-29 | Name : VLC Media Player '.AVI' File BOF Vulnerability (Linux) File : nvt/secpod_vlc_media_player_avi_bof_vuln_lin.nasl |
2011-07-29 | Name : VLC Media Player '.AVI' File BOF Vulnerability (Windows) File : nvt/secpod_vlc_media_player_avi_bof_vuln_win.nasl |
2011-07-29 | Name : VLC Media Player '.RM' File BOF Vulnerability (Linux) File : nvt/secpod_vlc_media_player_rm_bof_vuln_lin.nasl |
2011-07-29 | Name : VLC Media Player '.RM' File BOF Vulnerability (Windows) File : nvt/secpod_vlc_media_player_rm_bof_vuln_win.nasl |
2011-07-01 | Name : VLC Media Player XSPF Playlist Integer Overflow Vulnerability (Linux) File : nvt/secpod_vlc_media_player_xspf_int_overflow_vuln_lin.nasl |
2011-07-01 | Name : VLC Media Player XSPF Playlist Integer Overflow Vulnerability (Windows) File : nvt/secpod_vlc_media_player_xspf_int_overflow_vuln_win.nasl |
2011-05-16 | Name : VLC Media Player 'MP4_ReadBox_skcr()' Buffer Overflow Vulnerability (Linux) File : nvt/gb_vlc_media_player_mp4_bof_vuln_lin.nasl |
2011-05-16 | Name : VLC Media Player 'MP4_ReadBox_skcr()' Buffer Overflow Vulnerability (Windows) File : nvt/gb_vlc_media_player_mp4_bof_vuln_win.nasl |
2011-05-16 | Name : VLC Media Player 'Bookmark Creation' Buffer Overflow Vulnerability (Windows) File : nvt/gb_vlc_media_player_bookmark_bof_vuln_win.nasl |
2011-05-16 | Name : VLC Media Player 'Bookmark Creation' Buffer Overflow Vulnerability (Linux) File : nvt/gb_vlc_media_player_bookmark_bof_vuln_lin.nasl |
2011-05-12 | Name : Debian Security Advisory DSA 2211-1 (vlc) File : nvt/deb_2211_1.nasl |
2011-05-12 | Name : Debian Security Advisory DSA 2218-1 (vlc) File : nvt/deb_2218_1.nasl |
2011-05-12 | Name : FreeBSD Ports: vlc File : nvt/freebsd_vlc5.nasl |
2011-04-01 | Name : VLC Media Player AMV and NSV Data Processing Memory Corruption vulnerability ... File : nvt/secpod_vlc_media_player_mem_crptn_vuln_win.nasl |
2011-03-07 | Name : Debian Security Advisory DSA 2159-1 (vlc) File : nvt/deb_2159_1.nasl |
2011-03-05 | Name : FreeBSD Ports: vlc File : nvt/freebsd_vlc4.nasl |
2011-02-23 | Name : VLC Media Player USF and Text Subtitles Decoders BOF Vulnerabilities (Linux) File : nvt/secpod_vlc_media_player_bof_vuln_feb11_lin.nasl |
2011-02-23 | Name : VLC Media Player USF and Text Subtitles Decoders BOF Vulnerabilities (Windows) File : nvt/secpod_vlc_media_player_bof_vuln_feb11_win.nasl |
2011-02-23 | Name : VLC Media Player '.mkv' Code Execution Vulnerability (Linux) File : nvt/secpod_vlc_media_player_code_exec_vuln_lin.nasl |
2011-02-23 | Name : VLC Media Player '.mkv' Code Execution Vulnerability (Windows) File : nvt/secpod_vlc_media_player_code_exec_vuln_win.nasl |
2011-01-31 | Name : VLC Media Player 'CDG decoder' multiple buffer overflow vulnerabilities (Linux) File : nvt/gb_vlc_media_player_bof_vuln_jan11_lin.nasl |
2011-01-31 | Name : VLC Media Player 'CDG decoder' multiple buffer overflow vulnerabilities (Wind... File : nvt/gb_vlc_media_player_bof_vuln_jan11_win.nasl |
2011-01-08 | Name : VLC Media Player Real Demuxer File Handling Array Indexing Vulnerabilities (Win) File : nvt/gb_vlc_media_player_mult_bof_vuln_win.nasl |
2010-09-03 | Name : VLC Media Player File Opening Insecure Library Loading Vulnerability (Win) File : nvt/gb_vlc_media_player_insecure_lib_load_vuln_win.nasl |
2010-08-21 | Name : FreeBSD Ports: vlc File : nvt/freebsd_vlc3.nasl |
2010-08-19 | Name : VLC Media Player Meta-Information Denial of Service Vulnerability (Linux) File : nvt/gb_vlc_media_player_dos_vuln_lin.nasl |
2010-08-19 | Name : VLC Media Player Meta-Information Denial of Service Vulnerability (Windows) File : nvt/gb_vlc_media_player_dos_vuln_win.nasl |
2010-05-04 | Name : FreeBSD Ports: vlc File : nvt/freebsd_vlc2.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
77975 | VLC Media Player modules/demux/ty.c get_chunk_header() Function Double-free T... |
74737 | VLC Media Player XSPF Playlist Processing DoS |
74736 | VLC Media Player ZIP Archive Decompression DoS |
74735 | VLC Media Player Real Time Messaging Protocol (RTMP) Parsing Overflow |
74734 | VLC Media Player AVI / ASF / Matroska (MKV) Decoding Unspecified DoS |
74733 | VLC Media Player A/52 / DTS / MPEG Audio Decoding Overflow |
74057 | VLC Media Player AVI Demuxer libavi.c AVI_ChunkRead_strf Function Overflow |
74056 | VLC Media Player RealMedia Demuxer real.c DemuxAudioSipr Function Overflow |
73450 | VLC Media Player XSPF Playlist Parser Unspecified Overflow |
72906 | VLC Media Player Text Decoder modules/codec/subtitles/subsusf.c StripTags Fun... |
72905 | VLC Media Player USF Decoder modules/codec/subtitles/subsdec.c StripTags Func... |
71705 | VLC Media Player modules/demux/mp4/libmp4.c MP4_ReadBox_skcr() Function Overflow |
71278 | VLC Media Player libdirectx_plugin.dll NSV File Large Video Dimension Overflow VLC Media Player is prone to an overflow condition. libdirectx_plugin.dll fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted width in an NSV file, a context-dependent attacker can potentially execute arbitrary code. |
71277 | VLC Media Player libdirectx_plugin.dll AMV File Large Video Dimension Overflow VLC Media Player is prone to an overflow condition. libdirectx_plugin.dll fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted width in an AMV file, a context-dependent attacker can potentially execute arbitrary code. |
70698 | VLC Media Player MKV Demuxer modules/demux/mkv/mkv.hpp MKV_IS_ID Macro Arbitr... VLC Media Player contains an input validation error within the 'MKV_IS_ID' macro in 'modules/demux/mkv/mkv.hpp' of the MKV demuxer. This may be exploited by a context-dependent attacker with a crafted MKV file to execute arbitrary code. |
70656 | VLC Media Player CDG Decoder cdg.c Crafted Video File Handling Overflow DoS VLC Media Player is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted CDG video, a context-dependent attacker can cause a denial of service, or possibly execute arbitrary code. |
70242 | VLC Media Player modules/demux/real.c Array Indexing Error Code Execution VLC Media Player contains a flaw related to an array indexing error within the Real demuxer. The issue is triggered when a context-dependent attacker tricks a users into opening a crafted Real Media file. This may allow an attacker to execute arbitrary code. |
67492 | VLC Media Player Path Subversion Arbitrary DLL Injection Code Execution VLC Media Player is prone to a flaw in the way it loads dynamic-link libraries (e.g., wintab32.dll). The program uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows an attacker to inject custom code that will be run with the privilege of the program or user executing the program. This can be done by tricking a user into opening a MP3 file from the local file system or a USB drive in some cases. This attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source. |
67331 | VLC Media Player TagLib Plugin taglib.cpp ReadMetaFromId3v2 Function DoS |
62728 | VLC Media Player Bookmark Creation Crafted File Handling Memory Corruption VLC media player is vulnerable to a buffer overflow attack when processing .mp3 file and its metadata. It fails to perform boundry checks when creating a bookmark from the malicious media file playing, resulting in a crash, overwriting ECX register. While the evil .mp3 is playing, you go Playback > Bookmarks > Manage bookmarks > Create. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Microsoft Multiple Products malformed PNG detected tEXt overflow attempt RuleID : 6700 - Revision : 20 - Type : FILE-IMAGE |
2019-09-17 | VideoLAN VLC Media Player Live555 RTSP plugin stack-based buffer overflow att... RuleID : 51040 - Revision : 1 - Type : FILE-MULTIMEDIA |
2015-06-09 | VideoLAN VLC Media Player XSPF integer overflow attempt RuleID : 34344 - Revision : 3 - Type : FILE-MULTIMEDIA |
2015-06-09 | VideoLAN VLC Media Player XSPF integer overflow attempt RuleID : 34343 - Revision : 3 - Type : FILE-MULTIMEDIA |
2014-04-17 | VideoLAN VLC Media Player Live555 RTSP plugin stack-based buffer overflow att... RuleID : 30215 - Revision : 5 - Type : FILE-MULTIMEDIA |
2014-01-10 | VideoLAN VLC webm memory corruption attempt RuleID : 24283 - Revision : 5 - Type : FILE-MULTIMEDIA |
2014-01-10 | VLC mms hostname buffer overflow attempt RuleID : 23577 - Revision : 9 - Type : FILE-OTHER |
2014-01-10 | VLC mms hostname buffer overflow attempt RuleID : 21922 - Revision : 11 - Type : FILE-OTHER |
2014-01-10 | VideoLAN VLC webm memory corruption attempt RuleID : 20227 - Revision : 12 - Type : FILE-MULTIMEDIA |
2014-01-10 | VideoLAN VLC Media Player libdirectx_plugin.dll AMV parsing buffer overflow a... RuleID : 19883 - Revision : 7 - Type : FILE-MULTIMEDIA |
2014-01-10 | VideoLAN VLC Media Player Subtitle StripTags Heap Buffer Overflow RuleID : 19421 - Revision : 12 - Type : FILE-MULTIMEDIA |
2014-01-10 | VideoLAN VLC Media Player Subtitle StripTags Heap Buffer Overflow RuleID : 19420 - Revision : 12 - Type : FILE-MULTIMEDIA |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-11-06 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201411-01.nasl - Type : ACT_GATHER_INFO |
2014-07-09 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2973.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-275.nasl - Type : ACT_GATHER_INFO |
2014-02-04 | Name : The remote Windows host contains a media player that is affected by a buffer ... File : vlc_2_1_2.nasl - Type : ACT_GATHER_INFO |
2013-10-27 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201310-13.nasl - Type : ACT_GATHER_INFO |
2013-10-23 | Name : The remote Windows host contains a media player that is affected by a buffer ... File : vlc_2_0_9.nasl - Type : ACT_GATHER_INFO |
2013-04-25 | Name : The remote Windows host contains a media player that is affected by a buffer ... File : vlc_2_0_6.nasl - Type : ACT_GATHER_INFO |
2013-04-20 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-131.nasl - Type : ACT_GATHER_INFO |
2013-01-04 | Name : The remote Windows host contains a media player that is affected by multiple ... File : vlc_2_0_5.nasl - Type : ACT_GATHER_INFO |
2012-12-03 | Name : The remote Windows host contains a media player that is affected by a code ex... File : vlc_1_1_13.nasl - Type : ACT_GATHER_INFO |
2012-09-17 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_62f36dfdff5611e18821001b2134ef46.nasl - Type : ACT_GATHER_INFO |
2012-07-19 | Name : The remote Windows host contains a media player that is affected by a buffer ... File : vlc_2_0_2.nasl - Type : ACT_GATHER_INFO |
2012-03-21 | Name : The remote Windows host contains a media player that is affected by multiple ... File : vlc_2_0_1.nasl - Type : ACT_GATHER_INFO |
2011-07-18 | Name : The remote Windows host contains a media player that can allow code execution. File : vlc_1_1_11.nasl - Type : ACT_GATHER_INFO |
2011-06-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2257.nasl - Type : ACT_GATHER_INFO |
2011-06-09 | Name : The remote Windows host contains a media player that can allow code execution. File : vlc_1_1_10.nasl - Type : ACT_GATHER_INFO |
2011-04-13 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2218.nasl - Type : ACT_GATHER_INFO |
2011-04-13 | Name : The remote Windows host contains a media player that is affected by multiple ... File : vlc_1_1_9.nasl - Type : ACT_GATHER_INFO |
2011-04-07 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2211.nasl - Type : ACT_GATHER_INFO |
2011-03-25 | Name : The remote Windows host contains a media player that is affected by multiple ... File : vlc_1_1_8.nasl - Type : ACT_GATHER_INFO |
2011-02-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2159.nasl - Type : ACT_GATHER_INFO |
2011-02-02 | Name : The remote Windows host contains an media player that is affected by a code e... File : vlc_1_1_7.nasl - Type : ACT_GATHER_INFO |
2011-01-27 | Name : The remote Windows host contains an media player that is affected by multiple... File : vlc_1_1_6.nasl - Type : ACT_GATHER_INFO |
2010-08-27 | Name : The remote Windows host contains an application that allows arbitrary code ex... File : vlc_1_1_4.nasl - Type : ACT_GATHER_INFO |
2010-08-26 | Name : The remote Windows host contains an application that suffers from multiple vu... File : vlc_1_0_6.nasl - Type : ACT_GATHER_INFO |
2010-08-16 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_e7d91a3ca7c911df870c00242b513d7c.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-12-27 00:26:27 |
|
2014-11-07 13:26:28 |
|
2014-11-06 00:23:05 |
|