VLC Player ReadAV Arbitrary Code Execution
Publish Date: 21 luglio 2015
Gravità: : Medio
Identificatori CVE: CVE-2012-5470
Data notifica: 21 luglio 2015
Descrizione
libpng_plugin in VideoLAN VLC media player 2.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted PNG file.
nvd: Per http://www.videolan.org/security/sa1203.html
When parsing an invalid PNG image file, a buffer overflow might occur.
Informazioni esposizione:
Apply associated Trend Micro DPI Rules.
Soluzioni
Trend Micro Deep Security DPI Rule Number: 1005226
Trend Micro Deep Security DPI Rule Name: 1005226 - VLC Media Player Read Access Violation Arbitrary Code Execution Vulnerability
Software e versione interessati:
- videolan vlc_media_player 2.0.3