Oval Definition:	oval:org.mitre.oval:def:14600
Revision Date: 2012-11-19 Version: 6 Title: Multiple format string vulnerabilities in plugins in VideoLAN VLC Media Player before 0.8.6c Description: Multiple format string vulnerabilities in plugins in VideoLAN VLC Media Player before 0.8.6c allow remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in (1) an Ogg/Vorbis file, (2) an Ogg/Theora file, (3) a CDDB entry for a CD Digital Audio (CDDA) file, or (4) Service Announce Protocol (SAP) multicast packets. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2007-3316 Platform(s): Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Product(s): VLC Media Player Definition Synopsis VLC media player is installed AND Version of VLC Media Player less than 0.8.6c AND Vulnerable plugin present File libvorbis_plugin.dll exists in plugins directory OR File libtheora_plugin.dll exists in plugins directory OR File libcdda_plugin.dll exists in plugins directory
BACK