Critical Flaws Haunt VLC Media Player

VideoLAN has released a security advisory to address multiple vulnerabilities in the VLC Media Player. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

VideoLAN has released a security advisory to address multiple vulnerabilities in the VLC Media Player. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

According to a VideoLAN advisory, the flaws occur when the media player attempts to parse malformatted or overly long byte streams.

“If successful, a malicious third party could crash the player instance or perhaps execute arbitrary code within the context of VLC media player,” the open-source warned.

Exploitation of these vulnerabilities requires the user to explicitly open specifically crafted malicious files.

Read the full advisory [videolan.org]

Suggested articles

WebKit Flaws Haunt Apple iTunes

Apple has shipped a new version of its iTunes media player to fix 13 security flaws that cold be exploited to launch attacks against Windows machines.