Executive Summary
Summary | |
---|---|
Title | VLC Media Player format string vulnerability |
Informations | |||
---|---|---|---|
Name | VU#200928 | First vendor Publication | 2007-07-23 |
Vendor | VU-CERT | Last vendor Modification | 2007-07-24 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#200928VLC Media Player format string vulnerabilityOverviewVLC contains a format string vulnerability that may allow an attacker to execute code.I. DescriptionVideoLAN (VLC) is a streaming media player that runs on multiple platforms.From VideoLAN Security Advisory 0702: VLC media player Ogg/Vorbis, Ogg/Theora, CDDA (CD Digital Audio) and SAP (Service Announce Protocol) plugins are prone to a C-style format string vulnerability when trying to parse a media data stream. Valid but carefully crafted .ogg (Vorbis) or .ogm (Theora) files, CDDB entries or SAP/SDP messages can trigger the bug. We therefore consider this bug to have a high severity. II. ImpactA remote, unauthenticated attacker may be able to execute arbitrary code with the privileges of the user running VLC.III. SolutionUpgrade
References
Thanks to the VLC team for information that was used in this report. This document was written by Ryan Giobbi.
|
Original Source
Url : http://www.kb.cert.org/vuls/id/200928 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:14600 | |||
Oval ID: | oval:org.mitre.oval:def:14600 | ||
Title: | Multiple format string vulnerabilities in plugins in VideoLAN VLC Media Player before 0.8.6c | ||
Description: | Multiple format string vulnerabilities in plugins in VideoLAN VLC Media Player before 0.8.6c allow remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in (1) an Ogg/Vorbis file, (2) an Ogg/Theora file, (3) a CDDB entry for a CD Digital Audio (CDDA) file, or (4) Service Announce Protocol (SAP) multicast packets. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2007-3316 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | VLC Media Player |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 2 |
OpenVAS Exploits
Date | Description |
---|---|
2008-09-24 | Name : Gentoo Security Advisory GLSA 200707-12 (vlc) File : nvt/glsa_200707_12.nasl |
2008-09-04 | Name : FreeBSD Ports: vlc File : nvt/freebsd_vlc.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1332-1 (vlc) File : nvt/deb_1332_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
37382 | VLC Media Player Service Announce Protocol (SAP) Multicast Packet Format String |
37381 | VLC Media Player CD Digital Audio (CDDA) Plugin CDDB Entry Processing Format ... |
37380 | VLC Media Player Ogg/Theora File Handling Plugin Format String VLC Media Player contains a format string vulnerability that may allow a malicious user to excecute arbitrary code. The issue is triggered when a specially crafted .ogm (Theora) file is processed by the player. It is possible that the flaw may allow code excecution and memory corruption resulting in a loss of integrity. |
37379 | VLC Media Player Ogg/Vorbis File Handling Plugin Format String |
Snort® IPS/IDS
Date | Description |
---|---|
2017-10-03 | VideoLAN VLC Media Player Ogg/Vorbis denial of service attempt RuleID : 44205 - Revision : 2 - Type : FILE-OTHER |
2017-10-03 | VideoLAN VLC Media Player Ogg/Vorbis denial of service attempt RuleID : 44204 - Revision : 2 - Type : FILE-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2007-07-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200707-12.nasl - Type : ACT_GATHER_INFO |
2007-07-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1332.nasl - Type : ACT_GATHER_INFO |
2007-07-01 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_7128fb45263311dc94da0016179b2dd5.nasl - Type : ACT_GATHER_INFO |