Your security, networking, programming, and application news source.

Wednesday, March 19, 2008

Lingering VCL Bof exploit

A buffer overflow exploit vulnerability was found in the popular <VideoLAN VLC Media Player> in the parsing of subtitle files. The last release, VLC 0.8.6e was supposed to fix this along with some other issues, but this issue is <reported> to still exist.

The simple fix is to not process untrusted subtitles using VLC. Alternatively you could use a <nightly build>, all though you may run into a bug or stability issues.

<Secunia advisory>

No comments:

Post a Comment