Signature Detail

HTTP: VLC Media Player Remote Code Execution

This signature detects attempts to exploit a known vulnerability in VLC Media Player. A successful attack can lead to arbitrary remote code execution within the context of the server.

Extended Description

VLC Media Player is prone to a remote code-execution vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts may result in a denial-of-service condition. This issue affects VLC Media Player versions 1.1.6.1 and prior.

Affected Products

• Debian Linux 5.0
• Debian Linux 5.0 Alpha
• Debian Linux 5.0 Amd64
• Debian Linux 5.0 Arm
• Debian Linux 5.0 Armel
• Debian Linux 5.0 Hppa
• Debian Linux 5.0 Ia-32
• Debian Linux 5.0 Ia-64
• Debian Linux 5.0 M68k
• Debian Linux 5.0 Mips
• Debian Linux 5.0 Mipsel
• Debian Linux 5.0 Powerpc
• Debian Linux 5.0 S/390
• Debian Linux 5.0 Sparc
• Pardus Linux 2009
• VideoLAN VLC media player 1.0.0
• VideoLAN VLC media player 1.0.1
• VideoLAN VLC media player 1.0.2
• VideoLAN VLC media player 1.0.3
• VideoLAN VLC media player 1.0.4
• VideoLAN VLC media player 1.0.5
• VideoLAN VLC media player 1.0.6
• VideoLAN VLC media player 1.1.0
• VideoLAN VLC media player 1.1.1
• VideoLAN VLC media player 1.1.2
• VideoLAN VLC media player 1.1.3
• VideoLAN VLC media player 1.1.4
• VideoLAN VLC media player 1.1.5
• VideoLAN VLC media player 1.1.6
• VideoLAN VLC media player 1.1.6.1

References

• BugTraq: 46060
• CVE: CVE-2011-0531