![]() |
Show all 1 posts from this thread on one page |
VCDQuality Forums (http://www.vcdhq.com/forum/index.php)
- Computer and Audio/Video help (http://www.vcdhq.com/forum/forumdisplay.php?forumid=56)
-- VLC Media Player Real Demuxer Integer Overflow Vulnerability (http://www.vcdhq.com/forum/showthread.php?threadid=83339)
VLC Media Player Real Demuxer Integer Overflow Vulnerability
quote:
VLC Media Player Real Demuxer Integer Overflow Vulnerability
SECUNIA ADVISORY ID:
SA32942
VERIFY ADVISORY:
http://secunia.com/advisories/32942/
CRITICAL:
Highly critical
IMPACT:
DoS, System access
WHERE:
From remote
SOFTWARE:
VLC media player 0.x
http://secunia.com/advisories/product/7788/
DESCRIPTION:
A vulnerability has been reported in VLC Media Player, which potentially can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an integer overflow within the "ReadRealIndex()" function in modules/demux/real.c. This can be exploited to e.g. cause a heap-based buffer overflow by tricking a user into opening a malicious file.
Successful exploitation may allow the execution of arbitrary code.
The vulnerability is reported in versions 0.9.0 through 0.9.6.
SOLUTION:
Update to version 0.9.7.
| All times are GMT. The time now is 10:26 AM. | Show all 1 posts from this thread on one page |
Powered by: vBulletin Version 2.3.0
Copyright © Jelsoft Enterprises Limited 2000 - 2002.