Vulners
Lucene search
VLC Media Player < 0.8.6h Multiple Vulnerabilities
| Reporter | Title | Published | Views | Family All 202 |
|---|---|---|---|---|
 | VLC Media Player < 0.8.6h Multiple Vulnerabilities (deprecated) | 18 Aug 200400:00 | – | nessus |
| CentOS 3 / 4 / 5 : libxml2 (CESA-2008:0032) | 14 Jan 200800:00 | – | nessus |
| CentOS 5 : gnutls (CESA-2008:0489) | 6 Jan 201000:00 | – | nessus |
| CentOS 4 : gnutls (CESA-2008:0492) | 6 Jan 201000:00 | – | nessus |
| Debian DSA-1461-1 : libxml2 - missing input validation | 14 Jan 200800:00 | – | nessus |
| Debian DSA-1581-1 : gnutls13 - several vulnerabilities | 22 May 200800:00 | – | nessus |
| Fedora 8 : libxml2-2.6.31-1.fc8 (2008-0462) | 14 Jan 200800:00 | – | nessus |
| Fedora 7 : libxml2-2.6.31-1.fc7 (2008-0477) | 14 Jan 200800:00 | – | nessus |
| Fedora 8 : gnutls-1.6.3-3.fc8 (2008-4183) | 22 May 200800:00 | – | nessus |
| Fedora 9 : gnutls-2.0.4-3.fc9 (2008-4259) | 22 May 200800:00 | – | nessus |
10
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(33278);
script_version("1.11");
script_cve_id("CVE-2008-1948", "CVE-2008-1949", "CVE-2008-1950", "CVE-2007-6284");
script_bugtraq_id(27248, 29292);
script_name(english:"VLC Media Player < 0.8.6h Multiple Vulnerabilities");
script_summary(english:"Checks version of VLC");
script_set_attribute(attribute:"synopsis", value:
"The remote Windows host contains a media player that is affected by
several vulnerabilities." );
script_set_attribute(attribute:"description", value:
"The version of VLC Media Player installed on the remote host
reportedly includes versions of GnuTLS, libgcrypt, and libxml2 that
are affected by various denial of service and buffer overflow
vulnerabilities." );
script_set_attribute(attribute:"see_also", value:"http://www.videolan.org/developers/vlc/NEWS" );
script_set_attribute(attribute:"solution", value:
"Upgrade to VLC Media Player version 0.8.6h or later." );
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(189, 287, 399);
script_set_attribute(attribute:"plugin_publication_date", value: "2008/06/30");
script_cvs_date("Date: 2018/08/06 14:03:16");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:videolan:vlc_media_player");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2008-2018 Tenable Network Security, Inc.");
script_dependencies("vlc_installed.nasl");
script_require_keys("SMB/VLC/Version");
exit(0);
}
include("global_settings.inc");
ver = get_kb_item("SMB/VLC/Version");
if (ver && tolower(ver) =~ "^0\.([0-7]\.|8\.([0-5]|6($|[a-g])))")
{
if (report_verbosity)
{
report = string(
"\n",
"VLC Media Player version ", ver, " is currently installed on the remote host.\n"
);
security_hole(port:get_kb_item("SMB/transport"), extra:report);
}
else security_hole(get_kb_item("SMB/transport"));
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
06 Aug 2018 14:03Current
8.3High risk
Vulners AI Score8.3
CVSS 210
EPSS0.199