Severity: : Medium
  CVE Kennungen: : CVE-2012-5470
  Advisory Date: 21 de июля de 2015

  DESCRIPTION

libpng_plugin in VideoLAN VLC media player 2.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted PNG file. nvd: Per http://www.videolan.org/security/sa1203.html When parsing an invalid PNG image file, a buffer overflow might occur.

  INFORMATION EXPOSURE

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1005226
  Trend Micro Deep Security DPI Rule Name: 1005226 - VLC Media Player Read Access Violation Arbitrary Code Execution Vulnerability

  AFFECTED SOFTWARE AND VERSION:

  • videolan vlc_media_player 2.0.3