VLC Media Player < 1.1.6 Multiple Vulnerabilities
High Nessus Plugin ID 51772
SynopsisThe remote Windows host contains an media player that is affected by multiple vulnerabilities.
DescriptionThe version of VLC media player installed on the remote host is earlier than 1.1.6. Such versions are reportedly affected by the following vulnerabilities :
- An integer overflow vulnerability exists due a failure to properly parse the header of a Real Media, which could then trigger a heap-based buffer overflow. It is not yet known if this issue can be exploited to execute arbitrary code. (CVE-2010-3907)
- There are two heap corruption vulnerabilities in the CDG decoder that arise because of a failure to validate indices into statically-sized arrays on the heap, which could allow for arbitrary code execution. (CVE-2011-0021)
- The 'StripTags()' function in the USF and Text decoders may scan past the end of a subtitle in an MKV file with an opening '<' char but without a corresponding closing '>' char, resulting in heap memory corruption. (CVE-2011-0522)
SolutionUpgrade to VLC Media Player version 1.1.6 or later.