Wednesday, August 27, 2014
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
HTC Reveals Entry-level Desire 510 Powered By a 64-bit Processor
Archos To Showcase Windows And Android Devices At IFA
Larger iPad Coming Next Year
Samsung Starts Mass Production Of First 3D TSV DDR4 Modules
HP Recalls Millions Of Power Cords
New Toshiba 20 Megapixel CMOS Image Sensor Enables 6mm Z-height Camera Modules
Huawei Quits Windows Phone, Goes Completely Android
Europer To Probe Qualcomm: report
Active Discussions
help questions structure DVDR
Made video, won't play back easily
Questions durability monitor LCD
Questions fungus CD/DVD Media, Some expert engineer in optical media can help me?
CD, DVD and Blu-ray burning for Android in development
IBM supercharges Power servers with graphics chips
Werner Vogels: four cloud computing trends for 2014
Video editing software.
 Home > News > General Computing > Vulnera...
Last 7 Days News : SU MO TU WE TH FR SA All News

Thursday, January 31, 2013
Vulnerability Affects Latest VLC Media Player


VideoLAN warned users of the v2.0.5 and earlier versions of the VLC media player that the software contain a critical vulnerability that can be potentially exploited by attackers to execute malicious code on computers.

According to the non-profit organization that develops the popular media player, the vulnerability is located in the VLC component responsible for playing ASF (Advanced Streaming Format) video files. "When parsing a specially crafted ASF movie, a buffer overflow might occur," VideoLAN wrote in a security advisor.

If successful, a malicious third party could trigger an invalid memory access, leading to a crash of VLC media player's process. In some cases attackers might exploit this issue to execute arbitrary code within the context of the application, although that has not been confirmed yet.

The issue is addressed in VLC media player 2.0.x source code repository by replacing a macro with a static inline and improved bounds checking, VideoLAN said. This patch is included in VLC's future 2.0.6 release, the next version of the media player, which is only available for testing purposes at the moment.

An alternative solution is to manually delete the vulnerable libasf_plugin.dll file from the VLC installation directory, VideoLAN said. This will disable the software's ability to play ASF videos.


Previous
Next
Toshiba Is Samplpling New 8-Megapixel CMOS Image Sensor        All News        Samsung Showcases Its Future Commercial Displays at ISE 2013
Take A Virtual Walk Through Grand Canyon With Google Maps     General Computing News      Yahoo Blog Hijacked, Bitdefender Says

Get RSS feed Easy Print E-Mail this Message

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2014 - All rights reserved -
Privacy policy - Contact Us .