Lucene search

K

Kaspersky LabKLA10008

HistoryMay 14, 2014 - 12:00 a.m.

KLA10008 Denial of Service in VideoLAN VLC Media Player

2014-05-1400:00:00

Kaspersky Lab

threats.kaspersky.com

21

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.4 Medium

AI Score

Confidence

Low

0.265 Low

EPSS

Percentile

96.8%

An unspecified vulnerability was found in VLC versions 2.1.3 and earlier. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited from the network through a specially designed .png file. It is caused by codeclibpng_plugin.dll.

Original advisories

Related products

VLC-media-player

CVE list

CVE-2014-3441 warning

Solution

Update to latest version

Impacts

DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

Affected Products

VideoLAN VLC Media Player 2.1.3

References

web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3441

statistics.securelist.com/

threats.kaspersky.com/en/product/VLC-media-player/

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.4 Medium

AI Score

Confidence

Low

0.265 Low

EPSS

Percentile

96.8%

Related for KLA10008

packetstorm1 prion1 nessus1 cve1 openvas3 cvelist1 ubuntucve1 nvd1 debiancve1