VLC.HTTPD.Connection.Header.Format.String
Description
This indicates an attack attempt against a format-string vulnerability in VideoLAN VLC HTTPD.
The vulnerability is caused by an error when the vulnerable software handles a malicious "Connection" parameter. It allows a remote attacker to execute arbitrary code via sending a crafted web request.
Affected Products
VideoLAN VLC media player 0.8.6d
VideoLAN VLC media player 0.8.6c
VideoLAN VLC media player 0.8.6b
VideoLAN VLC media player 0.8.6a
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Upgrade to the latest version, available from the vendor's web site:
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-09-23 | 16.931 | Sig Added |