Lucene search
This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.VLC_1_1_8.NASLHistoryMar 25, 2011 - 12:00 a.m.
VLC Media Player < 1.1.8 Multiple Buffer Overflows
2011-03-2500:00:00
This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
www.tenable.com
13
The version of VLC media player installed on the remote host is earlier than 1.1.8. Such versions are reportedly affected by buffer overflow vulnerabilities when handling specially crafted AMV and NSV files, which could result in arbitrary code execution.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(52976);
script_version("1.13");
script_cvs_date("Date: 2018/11/15 20:50:29");
script_cve_id("CVE-2010-3275", "CVE-2010-3276");
script_bugtraq_id(47012);
script_name(english:"VLC Media Player < 1.1.8 Multiple Buffer Overflows");
script_summary(english:"Checks version of VLC");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Windows host contains a media player that is affected by
multiple buffer overflow vulnerabilities."
);
script_set_attribute(
attribute:"description",
value:
"The version of VLC media player installed on the remote host is
earlier than 1.1.8. Such versions are reportedly affected by buffer
overflow vulnerabilities when handling specially crafted AMV and NSV
files, which could result in arbitrary code execution."
);
script_set_attribute(
attribute:"see_also",
value:"https://www.secureauth.com/labs/advisories/vlc-vulnerabilities-amv-nsv-files"
);
script_set_attribute(
attribute:"see_also",
value:"http://www.videolan.org/vlc/releases/1.1.8.html"
);
script_set_attribute(
attribute:"solution",
value:"Upgrade to VLC Media Player version 1.1.8 or later."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_set_attribute(attribute:"metasploit_name", value:'VLC AMV Dangling Pointer Vulnerability');
script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
script_set_attribute(attribute:"canvas_package", value:'White_Phosphorus');
script_set_attribute(attribute:"vuln_publication_date", value:"2011/03/23");
script_set_attribute(attribute:"patch_publication_date", value:"2011/03/23");
script_set_attribute(attribute:"plugin_publication_date", value:"2011/03/25");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:videolan:vlc_media_player");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.");
script_dependencies("vlc_installed.nasl");
script_require_keys("SMB/VLC/Version");
exit(0);
}
include("global_settings.inc");
include("misc_func.inc");
version = get_kb_item_or_exit("SMB/VLC/Version");
# nb: 'version' may look like '0.9.8a'!
if (
version =~ "^0\." ||
version =~ "^1\.0\." ||
version =~ "^1\.1\.[0-7]($|[^0-9])"
)
{
if (report_verbosity > 0)
{
path = get_kb_item("SMB/VLC/File");
if (isnull(path)) path = "n/a";
else path = ereg_replace(pattern:"^(.+)\\[^\\]+$", replace:"\1", string:path);
report =
'\n Path : ' + path +
'\n Installed version : ' + version +
'\n Fixed version : 1.1.8\n';
security_hole(port:get_kb_item("SMB/transport"), extra:report);
}
else security_hole(get_kb_item("SMB/transport"));
exit(0);
}
else exit(0, "The host is not affected since VLC "+version+" is installed.");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| videolan | vlc_media_player | cpe:/a:videolan:vlc_media_player |
Related
openvas
openvas
VLC Media Player AMV and NSV Data Processing Memory Corruption vulnerability (Windows)
2011-04-01 00:00:00
VLC Media Player AMV and NSV Data Processing Memory Corruption Vulnerability - Windows
2011-04-01 00:00:00
Debian: Security Advisory (DSA-2211-1)
2011-05-12 00:00:00
seebug
seebug
VLC Media Player ".AMV"ε".NSV"ε€δΈͺθΏη¨ηΌε²εΊζΊ’εΊζΌζ΄
2011-03-29 00:00:00
VLC AMV Dangling Pointer Vulnerability
2011-03-27 00:00:00
securityvulns
securityvulns
VLC media player security vulnerabilities
2011-03-25 00:00:00
CORE-2011-0208: VLC Vulnerabilities handling .AMV and .NSV files
2011-03-25 00:00:00
debiancve
debiancve
CVE-2010-3275
2011-03-28 16:55:00
CVE-2010-3276
2011-03-28 16:55:00
ubuntucve
ubuntucve
CVE-2010-3276
2011-03-28 00:00:00
CVE-2010-3275
2011-03-28 00:00:00
cve
cve
CVE-2010-3275
2011-03-28 16:55:00
CVE-2010-3276
2011-03-28 16:55:00
prion
prion
Code injection
2011-03-28 16:55:00
Design/Logic Flaw
2011-03-28 16:55:00
packetstorm
packetstorm
VLC AMV Dangling Pointer Vulnerability
2011-03-26 00:00:00
metasploit
metasploit
VLC AMV Dangling Pointer Vulnerability
2011-03-25 21:03:12
debian
debian
[SECURITY] [DSA 2211-1] vlc security update
2011-04-06 21:51:11
nessus
nessus
Debian DSA-2211-1 : vlc - missing input sanitising
2011-04-07 00:00:00
GLSA-201411-01 : VLC: Multiple vulnerabilities
2014-11-06 00:00:00
exploitdb
exploitdb
gentoo
gentoo
VLC: Multiple vulnerabilities
2014-11-05 00:00:00
Related for VLC_1_1_8.NASL