Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> Gentoo Local Security Checks >> [GLSA-200701-24] VLC media player: Format string vulnerability

Vulnerability Assessment Details

[GLSA-200701-24] VLC media player: Format string vulnerability
Vulnerability Assessment Summary
VLC media player: Format string vulnerability

Detailed Explanation for this Vulnerability Assessment
The remote host is affected by the vulnerability described in GLSA-200701-24
(VLC media player: Format string vulnerability)


Kevin Finisterre has discovered that when handling media locations,
various functions throughout VLC media player make improper use of
format strings.

Impact

A possible hacker could entice a user to open a specially crafted media
location or M3U file with VLC media player, and execute arbitrary code
on the system with the rights of the user running VLC media player.

Workaround

There is no known workaround at this time.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0017


Solution:
All VLC media player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-video/vlc-0.8.6-r1"


Network Security Threat Level: Medium


Networks Security ID:

Vulnerability Assessment Copyright: (C) 2007 Michel Arboi
Cables, Connectors


OEM Apple MacBook Pro 13 A1706 A1708 2017 LCD Screen Display Assembly Silver picture

OEM Apple MacBook Pro 13 A1706 A1708 2017 LCD Screen Display Assembly Silver

$125.54


OEM Apple MacBook Pro 13 A1706 A1708 2017 LCD Screen Display Assembly Space Gray picture

OEM Apple MacBook Pro 13 A1706 A1708 2017 LCD Screen Display Assembly Space Gray

$144.14


OEM Genuine A1618 Battery for Apple MacBook Pro15” Retina A1398 Mid 2015 99.5Wh picture

OEM Genuine A1618 Battery for Apple MacBook Pro15” Retina A1398 Mid 2015 99.5Wh

$55.99


NEW OEM A1494 Battery For Apple MacBook Pro 15

NEW OEM A1494 Battery For Apple MacBook Pro 15" Retina A1398 Late 2014 2013

$54.99


Genuine Apple A1882 30W USB-C Power Adapter Apple OEM CHARGER picture

Genuine Apple A1882 30W USB-C Power Adapter Apple OEM CHARGER

$18.99


Genuine Apple A1718 61W USB-C Power Adapter Apple OEM CHARGER picture

Genuine Apple A1718 61W USB-C Power Adapter Apple OEM CHARGER

$24.99


OEM 45W Charger Adapter Supply Power for Apple Macbook Air A1465 A1466 2012-2017 picture

OEM 45W Charger Adapter Supply Power for Apple Macbook Air A1465 A1466 2012-2017

$7.99


Apple OEM Original (A1374) 45W MagSafe Power Adapter with Fold Plug Only - White picture

Apple OEM Original (A1374) 45W MagSafe Power Adapter with Fold Plug Only - White

$10.95


APPLE OEM Power Extension Cable 6ft for Macbook, Macbook Air, Pro 2.5A 125V-NEW picture

APPLE OEM Power Extension Cable 6ft for Macbook, Macbook Air, Pro 2.5A 125V-NEW

$19.99


Genuine OEM Apple MagSafe 1 & 2 MacBook Pro/ MacBook Air Charger 85W| 60W |45W picture

Genuine OEM Apple MagSafe 1 & 2 MacBook Pro/ MacBook Air Charger 85W| 60W |45W

$24.99


Discussions

No Discussions have been posted on this vulnerability.