Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Detected 1.1.4, actual 1.1.5

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
VideoLAN
And, this specific program:
VLC media player 1.x

This thread has been marked as locked.
Flyhard Detected 1.1.4, actual 1.1.5
Member 22nd Nov, 2010 00:37
Ranking: 0
Posts: 1
User Since: 21st Aug, 2009
System Score: N/A
Location: N/A
I installed 1.1.5, the version of the listed file is 1.1.5, but secunia still claims, it is 1.1.4 - even after rescanning it several times.

------

Program Name:
VLC media player 1.x

Security State:
Insecure

Download Link:
http://ftp.secunia.com/vlc-1.1.5-win32.exe

Instances Found:
C:\Programme\VideoLAN\VLC\vlc.exe, version: 1.1.4.0

Last System Scan (localtime):
19. Nov 2010, 19:05

Operating System:
Microsoft Windows XP Professional, Service Pack 3



TiMow RE: Detected 1.1.4, actual 1.1.5
Dedicated Contributor 22nd Nov, 2010 07:13
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
If this is a recent update, it might be that Secunia have not yet updated their rules - despite giving download link to latest version.

It may be be just a case of waiting - they only review this forum and address PSI issues Mon - Fri.

Your thread should have brought this to their attention.

Alternatively, you can use "Program Missing: Suggest it here" from PSI tabs (v.1.5.0.2).

TiMow

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+0
-0
Anthony Wells RE: Detected 1.1.4, actual 1.1.5
Expert Contributor 22nd Nov, 2010 13:14
Score: 2445
Posts: 3,337
User Since: 19th Dec 2007
System Score: N/A
Location: N/A


@Flyhard ,

Version 1.1.5 is correctly displayed by my Beta PSI 1.9.0.5004 as up to date .

Do you have more than one version displayed by the PSI ?? Have you rebooted and run a full scan since you updated ?? have you followed the path of the detected instance to see if the .exe file is a left over file ??

My detected instance is :-


Program Name:
VLC media player 1.x

Security State:
Patched

Download Link:
http://ftp.secunia.com/vlc-1.1.5-win32.exe

Instances Found:
C:\Program Files\VideoLAN\VLC\vlc.exe, version: 1.1.5.0

Last System Scan (localtime):
19. Nov 2010, 23:16

Operating System:
Microsoft Windows XP Home Edition, Service Pack 3


Anthony


--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+1
-0
SteelyEyed RE: Detected 1.1.4, actual 1.1.5
Member 28th Nov, 2010 21:10
Score: 0
Posts: 1
User Since: 28th Nov 2010
System Score: N/A
Location: UK
Slightly different issue here. 1.1.5 installed and detected (status: patched) after scan however in "secure browsing" I see "VLC media player 1.x" showing as "unpatched".

Double click drill down into that item and the status of "patched" is shown vs. the main VLC exe.

Maybe rules for detecting secure browser are lagging a "main" rules set?
Was this reply relevant?
+0
-0
Anthony Wells RE: Detected 1.1.4, actual 1.1.5
Expert Contributor 28th Nov, 2010 21:25
Score: 2445
Posts: 3,337
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

Hello SteelyEyed ,

Two points of note :-

A programme showing as being "fully patched" in the "patched/results" page does not mean that there are no un-patched vulnerabilities , merely that you have done all the patching you can do ; see this thread for more discussion if you are not sure :-

http://secunia.com/community/forum/thread/show/650...

The secure browsing "problem" is one of the few PSI "false positives" and Secunia explain why here :-

http://secunia.com/community/forum/thread/show/613...

Hope that is clear .

Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+1
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer