Latest VLC version has dangerous hole

Posted by Scott_Ruecker on Jan 30, 2013 10:44 PM EDT
The H Open
Mail this story
Print this story

The developers of the VLC video player have warned of a crashing bug in the latest 2.0.5 version of the application, which might be exploited to execute arbitrary code. The issue is a problem in the ASF demuxer (libasf_plugin.*), which can be tricked into overflowing a buffer with a specially crafted ASF movie. The developers note that users would have to open that specially crafted file to be vulnerable and advise users to not open files from untrusted third parties or untrusted sites.

Full Story

» Read more about: Story Type: News Story

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.