English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2159-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
February 10, 2011                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : vlc
Vulnerability  : missing input sanitising
Problem type   : (local)remote
Debian-specific: no
CVE ID         : CVE-2011-0531

Dan Rosenberg discovered that insufficient input validation in VLC's 
processing of Matroska/WebM containers could lead to the execution of 
arbitrary code. 

For the stable distribution (squeeze), this problem has been fixed in
version 1.1.3-1squeeze3.

The version of vlc in the oldstable distribution (lenny) is affected
by further issues and will be addressed in a followup DSA.

For the unstable distribution (sid), this problem has been fixed in
version 1.1.7-1.

We recommend that you upgrade your vlc packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAk1UayYACgkQXm3vHE4uylos6QCeLCU9ynXRns3mmNXdLlUHJcB3
WMwAoMHS56Fvdn4AZYoaoAGulzacvtV1
=ZweI
-----END PGP SIGNATURE-----



© 1998-2024 E-Soft Inc. All rights reserved.