In association with heise online

15 November 2010, 12:16

VLC Media Player 1.1.5 fixes Windows vulnerability

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The VideoLAN Project developers have announced the release of version 1.1.5 of their VLC Media Player, a free open source cross-platform multimedia player for various audio and video formats. The latest maintenance and security update includes various translation updates, several bug fixes and addresses a Windows only security issue.

According to the developers, VLC 1.1.5 addresses a stack smashing vulnerability in Samba access on Windows systems that could lead to the execution of arbitrary code on a victim's system. For an attack to be successful, a victim must first open a specially crafted file or connect to a remote network directory that contains malicious code. All versions of VLC up to 1.1.4 are reportedly affected. Other changes in the release include rewritten Game Music Emu support, the integration of a new list of web shows from and fixes for WebM live streams and H.264 playback hardware decoding using Intel GPU on Windows systems. All users are encouraged to upgrade to the latest release.

More information about the release, including a full list of changes, can be found in the official release announcement and on the What's new in 1.1.5 page. VLC 1.1.5 is available to download from the project's home page and is released under version 2 of the GNU General Public License (GPLv2).

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit