VLC Media Player < 0.8.6h Multiple Vulnerabilities

This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains a media player that is affected by
several vulnerabilities.

Description :

The version of VLC Media Player installed on the remote host
reportedly includes versions of GnuTLS, libgcrypt, and libxml2 that
are affected by various denial of service and buffer overflow
vulnerabilities.

See also :

http://www.videolan.org/developers/vlc/NEWS

Solution :

Upgrade to VLC Media Player version 0.8.6h or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.1
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 33278 ()

Bugtraq ID: 27248
29292

CVE ID: CVE-2008-1948
CVE-2008-1949
CVE-2008-1950
CVE-2007-6284

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now