VLC Media Player > 0.5.0 and < 1.1.11 Multiple Code Execution Vulnerabilities

High Log Correlation Engine Plugin ID 801177


The remote host contains an application that is vulnerable to multiple attack vectors


The remote host contains VLC player, a multi-media application.

Versions of VLC media player earlier than 1.1.11 are potentially affected by multiple vulnerabilities :

- A buffer overflow vulnerability exists in the Read Media file parser. (SA-1105)

- A heap overflow vulnerability exists in the AVI file parser. (SA-1106)


Upgrade to VLC Media Player version 1.1.11 or later.

See Also



Plugin Details

Severity: High

ID: 801177

File Name: 801177.prm

Family: Web Clients

Published: 2011/07/18

Nessus ID: 55608

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

Patch Publication Date: 2011/07/15

Vulnerability Publication Date: 2011/07/12

Reference Information

CVE: CVE-2011-2587, CVE-2011-2588

BID: 48664