Lucene search

Kaspersky LabKLA10009

HistoryMar 03, 2014 - 12:00 a.m.

KLA10009 Denial of Service in VideoLAN VLC Media Player

2014-03-0300:00:00

Kaspersky Lab

threats.kaspersky.com

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.4 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

32.6%

JSON

An unspecified vulnerability was found in VLC versions 2.0.7 and earlier. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited from the network through a specially designed playlist file.

Original advisories

NVD

Related products

VLC-media-player

CVE list

CVE-2013-7340 warning

Solution

Update to latest version

VLC

Impacts

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

Affected Products

VideoLAN VLC Media Player before 2.0.7

References

web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-7340

statistics.securelist.com/

threats.kaspersky.com/en/product/VLC-media-player/

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.4 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

32.6%

JSON

Related for KLA10009