VLC Media Player < 1.1.6 Multiple Vulnerabilities

This script is Copyright (C) 2011-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains a media player that is affected by
multiple vulnerabilities.

Description :

The version of VLC media player installed on the remote host is
earlier than 1.1.6. Such versions are reportedly affected by the
following vulnerabilities :

- An integer overflow vulnerability exists due to a failure
to properly parse the header of a Real Media file, which
could then trigger a heap-based buffer overflow. It is
not yet known if this issue can be exploited to execute
arbitrary code. (CVE-2010-3907)

- There are two heap corruption vulnerabilities in the
CDG decoder that arise because of a failure to validate
indices into statically-sized arrays on the heap, which
could allow for arbitrary code execution. (CVE-2011-0021)

- The 'StripTags()' function in the USF and Text decoders
may scan past the end of a subtitle in an MKV file with
an opening '<' char but without a corresponding closing
'>' char, resulting in heap memory corruption.
(CVE-2011-0522)

See also :

http://www.nessus.org/u?0c2a0870
http://www.videolan.org/security/sa1007.html
http://www.nessus.org/u?24b9825d
http://www.videolan.org/security/sa1101.html
http://www.videolan.org/developers/vlc-branch/NEWS

Solution :

Upgrade to VLC Media Player version 1.1.6 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.3
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 51772

Bugtraq ID: 45632
45927
46008

CVE ID: CVE-2010-3907
CVE-2011-0021
CVE-2011-0522
