VLC Player Buffer Overflow Vulnerability

Last Update Date: 10 Jul 2012 Release Date: 9 Jul 2012 4522 Views

RISK: High Risk

High Risk

TYPE: Clients - Audio & Video

TYPE: Audio & Video

A vulnerability has been identified in VLC Player. which can be exploited by remote user to compromise a vulnerable system.

 
A remote user can create a specially crafted file that, when loaded by the target user, will trigger a heap overflow and execute arbitrary code on the target system. The code will run with the privileges of the target user.
 
The vulnerability resides in the Ogg_DecodePacket() function in 'modules/demux/ogg.c'.

Impact

  • Remote Code Execution

System / Technologies affected

  • VLC Player version 2.0.2 prior

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version 2.0.2.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Microsoft IIS Web Server Discloses Sensitive Information Vulnerability

9 Jul 2012 4754 Views

Next

Microsoft Internet Explorer Multiple Vulnerabilities

11 Jul 2012 4271 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY