VLC Media Player > 0.5.0 and < 1.1.11 Multiple Code Execution Vulnerabilities
High Log Correlation Engine Plugin ID 801177
SynopsisThe remote host contains an application that is vulnerable to multiple attack vectors
DescriptionThe remote host contains VLC player, a multi-media application.
Versions of VLC media player earlier than 1.1.11 are potentially affected by multiple vulnerabilities :
- A buffer overflow vulnerability exists in the Read Media file parser. (SA-1105)
- A heap overflow vulnerability exists in the AVI file parser. (SA-1106)
SolutionUpgrade to VLC Media Player version 1.1.11 or later.