VLC Detection

VLC, a free and portable media player from the VideoLAN organization, is installed on the remote Windows host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid31852; scriptversion"1.22"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/10/10";...

VLC媒体播放器MP4_ReadBox_rdrf()函数堆溢出漏洞

BUGTRAQ ID: 28433 CVECAN ID: CVE-2008-1489 VLC Media Player是一款免费的媒体播放器。 VLC播放器的modules/demux/mp4/libmp4.c文件中的MP4ReadBoxrdrf函数存在整数溢出漏洞，如果用户受骗打开的MP4文件中包含有特制的RDRF元素的话，就可能触发堆溢出，导致执行任意指令。 VideoLAN VLC Media Player 0.8.6e Rémi Denis-Courmont （[email protected]） 链接：http://secunia.com/advisories/29503/...

VideoLAN VLC media player multiple security vulnerabilities

Buffer overflow on subtitles parsing, format string vulnerability in Web interface TCP/8080...

VideoLAN VLC媒体播放器MP4 Demuxer远程代码执行漏洞

BUGTRAQ ID: 28007 CVECAN ID: CVE-2008-0984 VLC Media Player是一款免费的媒体播放器。 VLC媒体播放器的MPEG-4文件格式解析器（MP4 demuxer）在解析特制的MP4输入文件时存在任意内存覆盖漏洞，远程攻击者可能利用此漏洞控制用户系统。 以下demux/mp4/mp4.c文件中的漏洞代码使用用户提供的数据初始化堆数组的任意索引： /----------- 910 if !pco64 = MP4BoxGet pdemuxtrack-pstbl, "stco" && 911 !pco64 = MP4BoxGet...

VideoLAN VLC media player memory corruption

Memory corruption on .MOV MP4 files parsing...

CVE-2007-6683

The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via 1 the :demuxdump-file option in a filename in a playlist, or 2 a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability...

CVE-2007-6682

Format string vulnerability in the httpdFileCallBack function network/httpd.c in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via format string specifiers in the Connection parameter...

CVE-2007-6681

Stack-based buffer overflow in modules/demux/subtitle.c in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via a long subtitle in a 1 MicroDvd, 2 SSA, and 3 Vplayer file...

Null pointer dereference

The RTSP module in VideoLAN VLC 0.8.6d allows remote attackers to cause a denial of service crash via a request without a Transport parameter, which triggers a NULL pointer dereference...

Design/Logic Flaw

The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via 1 the :demuxdump-file option in a filename in a playlist, or 2 a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability...

CVE-2007-6683

The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via 1 the :demuxdump-file option in a filename in a playlist, or 2 a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability...

DEBIAN-CVE-2007-6682

Format string vulnerability in the httpdFileCallBack function network/httpd.c in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via format string specifiers in the Connection parameter...

DEBIAN-CVE-2007-6681

Stack-based buffer overflow in modules/demux/subtitle.c in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via a long subtitle in a 1 MicroDvd, 2 SSA, and 3 Vplayer file...

CVE-2007-6681

Stack-based buffer overflow in modules/demux/subtitle.c in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via a long subtitle in a 1 MicroDvd, 2 SSA, and 3 Vplayer file...

CVE-2007-6682

Format string vulnerability in the httpdFileCallBack function network/httpd.c in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via format string specifiers in the Connection parameter...

DEBIAN-CVE-2007-6684

The RTSP module in VideoLAN VLC 0.8.6d allows remote attackers to cause a denial of service crash via a request without a Transport parameter, which triggers a NULL pointer dereference...

VideoLAN VLC axvlc.dll ActiveX Crafted Parameter Remote Code Execution (CVE-2007-6262)

VLC media player is a free multimedia player for various audio and video formats as well as DVDs, VCDs, and various streaming protocols. This vulnerability is due to recursive object release as a result from flaws in the VideoLAN VLC ActiveX Control. To trigger this issue, an attacker may create ...

CVE-2007-6682

CVE-2007-6682 affects VLC 0.8.6d with a format string vulnerability in the httpd_FileCallBack function (network/httpd.c). The vulnerability allows remote, unauthenticated attackers to execute arbitrary code via format string specifiers in the Connection header of HTTP requests. Public references ...

Debian Security Advisory DSA 1332-1 (vlc)

The remote host is missing an update to vlc announced via advisory DSA 1332-1. OpenVAS Vulnerability Test $Id: deb13321.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1332-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

CVE-2007-6681

CVE-2007-6681 affects VideoLAN VLC 0.8.6d, due to a stack-based buffer overflow in the subtitle demux path (modules/demux/subtitle.c) when parsing long subtitle formats (MicroDvd, SSA, VPlayer). This remote code execution vulnerability was discussed in VLC-related GLSA advisories (GLSA 200803-13 ...