VLC Player ReadAV Arbitrary Code Execution

2015年7月21日

Email
Facebook
Twitter
Google+
Linkedin

危険度: : 中

CVE識別番号: CVE-2012-5470

概要

libpng_plugin in VideoLAN VLC media player 2.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted PNG file. nvd: Per http://www.videolan.org/security/sa1203.html When parsing an invalid PNG image file, a buffer overflow might occur.

トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

対応方法

Trend Micro Deep Security DPI Rule Number: 1005226

Trend Micro Deep Security DPI Rule Name: 1005226 - VLC Media Player Read Access Violation Arbitrary Code Execution Vulnerability

影響を受けるソフトウェア

videolan vlc_media_player 2.0.3