VCDQuality Forums
Here you can view your subscribed threads, work with private messages and edit your profile and preferences Frequently Asked Questions Search Home  
VCDQuality Forums : Powered by vBulletin version 2.3.0 VCDQuality Forums > Off Topic > Computer and Audio/Video help > VLC Media Player Real Demuxer Integer Overflow Vulnerability
  Last Thread   Next Thread
Author
Thread Post New Thread    Post A Reply
RIP@Youceff
Apr 2006

Registered

Exclamation VLC Media Player Real Demuxer Integer Overflow Vulnerability

quote:
VLC Media Player Real Demuxer Integer Overflow Vulnerability

SECUNIA ADVISORY ID:
SA32942

VERIFY ADVISORY:
http://secunia.com/advisories/32942/

CRITICAL:
Highly critical

IMPACT:
DoS, System access

WHERE:
From remote

SOFTWARE:
VLC media player 0.x
http://secunia.com/advisories/product/7788/

DESCRIPTION:
A vulnerability has been reported in VLC Media Player, which potentially can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an integer overflow within the "ReadRealIndex()" function in modules/demux/real.c. This can be exploited to e.g. cause a heap-based buffer overflow by tricking a user into opening a malicious file.

Successful exploitation may allow the execution of arbitrary code.

The vulnerability is reported in versions 0.9.0 through 0.9.6.

SOLUTION:
Update to version 0.9.7.

Report this post to a moderator | IP: Logged

Old Post 12-03-2008 08:41 AM
RIP@Youceff is offline Click Here to See the Profile for RIP@Youceff Click here to Send RIP@Youceff a Private Message Find more posts by RIP@Youceff Add RIP@Youceff to your buddy list Edit/Delete Message Reply w/Quote
All times are GMT. The time now is 08:49 AM. Post New Thread    Post A Reply
  Last Thread   Next Thread
Show Printable Version | Email this Page | Subscribe to this Thread

Rate This Thread:

Forum Rules:
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is OFF
vB code is ON
Smilies are ON
[IMG] code is ON
 

< Contact Us - www.vcdhq.com >

Powered by: vBulletin Version 2.3.0
Copyright ©2000, 2001, Jelsoft Enterprises Limited.