VLC Media Player Multiple Remote Buffer Overflow Vulnerabilities
BID:52550
Info
VLC Media Player Multiple Remote Buffer Overflow Vulnerabilities
| Bugtraq ID: | 52550 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2012-1775 CVE-2012-1776 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 19 2012 12:00AM |
| Updated: | Nov 10 2014 12:58AM |
| Credit: | Florent Hochwelker aka TaPiOn |
| Vulnerable: |
VideoLAN VLC media player 2.0 VideoLAN VLC media player 1.2 VideoLAN VLC media player 1.1.9 VideoLAN VLC media player 1.1.8 VideoLAN VLC media player 1.1.7 Gentoo Linux |
| Not Vulnerable: |
VideoLAN VLC media player 2.0.1 |
Discussion
VLC Media Player Multiple Remote Buffer Overflow Vulnerabilities
VLC media player is prone to multiple buffer-overflow vulnerabilities.
Attackers can exploit these issues to execute arbitrary code in the context of the affected application or crash the application, denying service to legitimate users.
Versions prior to VLC media player 2.0.1 are vulnerable.
VLC media player is prone to multiple buffer-overflow vulnerabilities.
Attackers can exploit these issues to execute arbitrary code in the context of the affected application or crash the application, denying service to legitimate users.
Versions prior to VLC media player 2.0.1 are vulnerable.
Exploit / POC
VLC Media Player Multiple Remote Buffer Overflow Vulnerabilities
The following exploit is available:
The following exploit is available:
Solution / Fix
VLC Media Player Multiple Remote Buffer Overflow Vulnerabilities
Solution:
Updates are available. Please see the references for more details.
Solution:
Updates are available. Please see the references for more details.
References
VLC Media Player Multiple Remote Buffer Overflow Vulnerabilities
References:
References:
- Security Advisory 1201 Stack overflow in VLC MMS support (VideoLAN)
- Security Advisory 1202 Heap overflows in VLC Real RTSP support. (VideoLAN)
- VLC Homepage (VideoLAN)