VLC Media Player < 2.1.5 Multiple Vulnerabilities

medium Nessus Network Monitor Plugin ID 9265
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote host contains a media application that is affected by two memory corruption vulnerabilities.

Description

The remote host is running VLC 2.x prior to 2.1.5 and is affected by multiple vulnerabilities :

- An error exists in the 'png_push_read_chunk()' function within the file 'pngpread.c' from the included libpng library that can allow denial of service attacks. (CVE-2014-0333)
- A buffer overflow error exists in the 'read_server_hello()' function within the file 'lib/gnutls_handshake.c' from the included GnuTLS library that can allow arbitrary code execution or denial of service. (CVE-2014-3466)
- A heap-based buffer overflow error exists in the transcode module due to improper validation of user-supplied input when handling invalid channel counts. An attacker can exploit this to execute arbitrary code. (CVE-2014-6440)

Solution

Upgrade to VLC Media Player version 2.1.5 or later.

See Also

http://www.videolan.org/developers/vlc-branch/NEWS

http://www.videolan.org/vlc/releases/2.1.5.html

Plugin Details

Severity: Medium

ID: 9265

Family: Web Clients

Published: 3/22/2015

Updated: 3/6/2019

Dependencies: 9797

Nessus ID: 78626

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

CVSS v3

Risk Factor: Medium

Base Score: 5.6

Temporal Score: 5.1

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:2.3:a:videolan:vlc_media_player:*:*:*:*:*:*:*:*

Patch Publication Date: 1/20/2015

Vulnerability Publication Date: 1/20/2015

Reference Information

CVE: CVE-2014-0333, CVE-2014-3466, CVE-2014-6440

BID: 65776, 67741, 72950