VLC media player denial of service vulnerability
RISK: Medium Risk
TYPE: Clients - Audio & Video
A vulnerability has been identified in VLC media player that can be exploited by malicious people to cause a denial of service condition.
When parsing an invalid PNG image file, a buffer overflow might occur.
If successful, a malicious third party could trigger an invalid memory access, leading to a crash of the VLC media player process.
Because the overflow occurs while reading a buffer, rather than writing, it is believed that this issue cannot lead to arbitrary code execution.
Exploitation of this issue requires the user to explicitly open a specially crafted file.
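The general class of flaw described above, a read that runs past the end of a buffer because a length field in the file is trusted, is avoided by checking every declared length against the bytes that actually remain. The following is an added illustration, not VLC's code and not a reconstruction of this specific flaw, whose details the advisory does not give; the function name and sample bytes are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Fixed 8-byte signature that starts every PNG file. */
static const uint8_t PNG_SIG[8] = {0x89, 'P', 'N', 'G', 0x0D, 0x0A, 0x1A, 0x0A};

/* Read a big-endian 32-bit value; caller guarantees 4 readable bytes. */
static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* 1 if every chunk fits in buf[0..len) up to an empty IEND; bounds only. */
int png_chunks_in_bounds(const uint8_t *buf, size_t len) {
    size_t off = sizeof PNG_SIG;
    if (len < off || memcmp(buf, PNG_SIG, off) != 0)
        return 0;
    for (;;) {
        if (len - off < 8)           /* no room for length + type fields */
            return 0;
        uint32_t clen = be32(buf + off);
        const uint8_t *type = buf + off + 4;
        off += 8;
        /* Compare with the bytes left; off + clen + 4 could wrap around. */
        size_t remaining = len - off;
        if (remaining < 4 || clen > remaining - 4)
            return 0;                /* declared data + CRC pass the end */
        if (memcmp(type, "IEND", 4) == 0)
            return clen == 0;
        off += (size_t)clen + 4;     /* skip chunk data and CRC */
    }
}

/* Constructed sample: signature plus an empty IEND chunk and its CRC. */
static const uint8_t SAMPLE_OK[] = {
    0x89, 'P', 'N', 'G', 0x0D, 0x0A, 0x1A, 0x0A,
    0, 0, 0, 0, 'I', 'E', 'N', 'D', 0xAE, 0x42, 0x60, 0x82};
/* Constructed sample: chunk declares 0x100 data bytes, file ends early. */
static const uint8_t SAMPLE_BAD[] = {
    0x89, 'P', 'N', 'G', 0x0D, 0x0A, 0x1A, 0x0A,
    0, 0, 1, 0, 't', 'E', 'X', 't', 'a', 'b', 'c', 'd'};

int main(void) {
    printf("ok=%d bad=%d\n", png_chunks_in_bounds(SAMPLE_OK, sizeof SAMPLE_OK),
           png_chunks_in_bounds(SAMPLE_BAD, sizeof SAMPLE_BAD));
    return 0;
}
```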
Impact
- Denial of Service
System / Technologies affected
- VLC media player 2.0.3 and earlier
Solutions
Before installing the software, please visit the software manufacturer's website for more details.
- Update to VLC media player 2.0.4
Vulnerability Identifier
Source