A buffer overflow exploit vulnerability was found in the popular <VideoLAN VLC Media Player> in the parsing of subtitle files. The last release, VLC 0.8.6e was supposed to fix this along with some other issues, but this issue is <reported> to still exist.
The simple fix is to not process untrusted subtitles using VLC. Alternatively you could use a <nightly build>, all though you may run into a bug or stability issues.
<Secunia advisory>
Wednesday, March 19, 2008
Lingering VCL Bof exploit
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment