Critical exploit in VLC Media Player

Secunia has found a flaw in the VLC Media Player that could allow an attacker to gain control of someone's PC. The problem, which Secunia ranks as "highly critical," affects version 0.8.6h on Windows. Secunia said in an advisory that version 0.8.6i should be released soon. The flaw is an integer overflow error, which can […]

Secunia has found a flaw in the VLC Media Player that could allow an attacker to gain control of someone's PC. The problem, which Secunia ranks as "highly critical," affects version 0.8.6h on Windows. Secunia said in an advisory that version 0.8.6i should be released soon.

The flaw is an integer overflow error, which can be exploited to cause a heap-based buffer overflow, a type of problem in how the program allocates memory. Secunia said it can be exploited by creating a specially-crafted ".WAV" sound file, which would the allow a hacker to run other code on the PC.

VLC Media Player is a free, open-source program released under the GNU General Public License by the VideoLAN project . The player can handle video files in MPEG-1, MPEG-2, MPEG-4, DivX, MP3, and OGG formats, among others.

Source:→ InfoWorld

About The Author

Deepak Gupta is a IT & Web Consultant. He is the founder and CEO of diTii.com & DIT Technologies, where he's engaged in providing Technology Consultancy, Design and Development of Desktop, Web and Mobile applications using various tools and softwares. Sign-up for the Email for daily updates. Google+ Profile.