[Bug 305100] [NEW] Security problem with VLC media player (upgrade to version 0.9.8a recommended)

Bartosz gang65 at poczta.onet.pl
Thu Dec 4 10:15:40 UTC 2008


*** This bug is a security vulnerability ***

Public security bug reported:

Binary package hint: vlc

When parsing the header of an invalid Real Media file, an integer overflow might occur and then trigger a heap-based buffer overflow.

Impact

If successful, a malicious third party could trigger execution of
arbitrary code within the context of the VLC media player.

VLC media player 0.9.8a addresses this issue. Patches for older versions
are available from the official VLC source code repository 0.9-bugfix
branch.

The details of this bug are available at:
http://www.videolan.org/security/sa0811.html

The source code of VLC 0.9.8a is located at:
http://www.videolan.org/vlc/download-sources.html

** Affects: vlc (Ubuntu)
     Importance: Undecided
         Status: New

** Visibility changed to: Public

-- 
Security problem with VLC media player (upgrade to version 0.9.8a recommended)
https://bugs.launchpad.net/bugs/305100
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs



