VLC Media Player < 1.1.6 Multiple Vulnerabilities

High Nessus Plugin ID 51772


The remote Windows host contains a media player that is affected by multiple vulnerabilities.


The version of VLC media player installed on the remote host is earlier than 1.1.6. Such versions are reportedly affected by the following vulnerabilities:

- An integer overflow vulnerability exists due to a failure to properly parse the header of a Real Media file, which could then trigger a heap-based buffer overflow. It is not yet known if this issue can be exploited to execute arbitrary code. (CVE-2010-3907)

- There are two heap corruption vulnerabilities in the CDG decoder that arise because of a failure to validate indices into statically-sized arrays on the heap, which could allow for arbitrary code execution. (CVE-2011-0021)

- The 'StripTags()' function in the USF and Text decoders may scan past the end of a subtitle in an MKV file with an opening '<' char but without a corresponding closing '>' char, resulting in heap memory corruption. (CVE-2011-0522)


Upgrade to VLC Media Player version 1.1.6 or later.

Plugin Details

Severity: High

ID: 51772

File Name: vlc_1_1_6.nasl

Version: $Revision: 1.10 $

Type: local

Agent: windows

Family: Windows

Published: 2011/01/27

Modified: 2016/05/19

Dependencies: 31852

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 7.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:videolan:vlc_media_player

Required KB Items: SMB/VLC/Version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2011/01/23

Vulnerability Publication Date: 2011/01/25

Exploitable With

CANVAS (White_Phosphorus)

Reference Information

CVE: CVE-2010-3907, CVE-2011-0021, CVE-2011-0522

BID: 45632, 45927, 46008

OSVDB: 70242, 70656, 72905, 72906