Summary:Major memory corruption vulnerabilities have been discovered in the open-source VLC project.
Vulnerabilities have been discovered in some versions of the popular VLC media player which may allow a cyberattacker to corrupt memory and potentially execute arbitrary code.
According to security researcher Veysel Hatas, who posted the discovery on Full Disclosure last week, one of the vulnerabilities is a DEP access violation vulnerability and the other is a write access flaw.
The VideoLAN project is a community of non-profit developers who create open-source multimedia tools. The VLC player is one of the most well-known results of this project, and acts as a cross-platform multimedia player and framework that plays most multimedia files as well as DVDs, Audio CDs, VCDs, and various streaming protocols.
The first security vulnerability, discovered on 24 November last year, is a flaw which is triggered as user-supplied input is not properly sanitized when handling a specially crafted FLV file.
Source:
http://www.zdnet.com/article/vlc-vulnerabilities-exposed/
Postări populare
-
Do version numbers mean something, or are they just vestigial arbitrariness? Linus Torvalds, creator and curator of the Linux kernel, ha...
-
0.There is NO 100% SECURE BROWSING ON THE INTERNET. 1. For the Windows fans: In order to keep you safe, just browse the internet with a b... -
The FCC voted to greatly increase its definition of broadband service, from the previous definition of 4Mbit down and 1Mbit up to the ne...
-
Apple may make a significant change to the camera sensor on its next iPhone, bumping up the megapixel count from eight to 12, according...
-
To say that Google is now an important enterprise player is perhaps an understatement. Yet Google poses a conundrum to some in the channel....
