Critical Flaws Haunt VLC Media Player

Author: Ryan Naraine
minute read

VideoLAN has released a security advisory to address multiple vulnerabilities in the VLC Media Player. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

VideoLAN has released a security advisory to address multiple vulnerabilities in the VLC Media Player. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

According to a VideoLAN advisory, the flaws occur when the media player attempts to parse malformatted or overly long byte streams.

“If successful, a malicious third party could crash the player instance or perhaps execute arbitrary code within the context of VLC media player,” the open-source warned.

Exploitation of these vulnerabilities requires the user to explicitly open specifically crafted malicious files.

Read the full advisory [videolan.org]

Suggested articles

WebKit Flaws Haunt Apple iTunes

Apple has shipped a new version of its iTunes media player to fix 13 security flaws that cold be exploited to launch attacks against Windows machines.

Cybersecurity for your growing business
Cybersecurity for your growing business

Topics

Show all

Authors

Threatpost

InfoSec Insider

Infosec Insider Post

Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.

Sponsored

Sponsored Content

Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.