Oval Definition:	oval:org.mitre.oval:def:14313
Revision Date: 2012-11-19 Version: 5 Title: Multiple format string vulnerabilities in VideoLAN VLC 0.7.0 through 0.8.6 Description: Multiple format string vulnerabilities in (1) the cdio_log_handler function in modules/access/cdda/access.c in the CDDA (libcdda_plugin) plugin, and the (2) cdio_log_handler and (3) vcd_log_handler functions in modules/access/vcdx/access.c in the VCDX (libvcdx_plugin) plugin, in VideoLAN VLC 0.7.0 through 0.8.6 allow user-assisted remote attackers to execute arbitrary code via format string specifiers in an invalid URI, as demonstrated by a udp://-- URI in an M3U file. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2007-0017 Platform(s): Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Product(s): VLC Media Player Definition Synopsis VLC media player is installed AND Version of VLC Media Player greater than or equal to 0.7.0 and less than or equal to 0.8.6
BACK