Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

VLC Media Player > 0.5.0 and < 1.1.11 Multiple Code Execution Vulnerabilities

High

Synopsis

The remote host contains an application that is vulnerable to multiple attack vectors

Description

The remote host contains VLC player, a multi-media application.

Versions of VLC media player earlier than 1.1.11 are potentially affected by multiple vulnerabilities :

- A buffer overflow vulnerability exists in the Read Media file parser. (SA-1105)

- A heap overflow vulnerability exists in the AVI file parser. (SA-1106)

Solution

Upgrade to VLC Media Player version 1.1.11 or later.