FreeBSD : vlc -- stack overflow in MPA, AVI and ASF demuxer (3149ab1c-c8b9-11de-b87b-0011098ad87f)

This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

VideoLAN reports :

When parsing a MP4, ASF or AVI file with an overly deep box structure,
a stack overflow might occur. It would overwrite the return address
and thus redirect the execution flow.

If successful, a malicious third party could trigger execution of
arbitrary code within the context of the VLC media player.

See also :

http://www.videolan.org/security/sa0901.html
http://www.nessus.org/u?2be1aa11

Solution :

Update the affected package.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 42355 (freebsd_pkg_3149ab1cc8b911deb87b0011098ad87f.nasl)

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now