VLC Media Player MMS and Real RTSP Vulnerabilities
Last Update Date:
20 Mar 2012 10:09
Release Date:
20 Mar 2012
5705
Views
RISK: Medium Risk
TYPE: Clients - Audio & Video
Multiple vulnerabilities have been reported in VLC Media Player, which can be exploited by malicious people to compromise a user's system.
- A boundary error within the "MMSOpen()" function (modules/access/mms/mmstu.c) in the MMS access plugin (libaccess_mms_plugin) can be exploited to cause a stack-based buffer overflow via a specially crafted MMS stream.
- Some errors within the realrtsp access plugin (libaccess_realrtsp_plugin) when handling Real rtsp streams can be exploited to cause heap-based buffer overflows.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
Impact
- Remote Code Execution
System / Technologies affected
- Update to version 2.0.1.
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Update to version 2.0.1.
Vulnerability Identifier
- No CVE information is available
Source
Related Link
Share with