In association with heise online

03 July 2008, 10:20

VLC Media Player chokes on music files

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Specially crafted WAV files can trigger a buffer overflow on the heap in VLC Media Player. This could be exploited by attackers to inject and execute code, prompting Secunia, which discovered the vulnerability, to class it as highly critical. The Windows version of VLC Media Player 0.8.6h and possibly earlier versions are affected. Version 0.8.6i is reported to fix the bug. Although the changelog for this version is already available, the download page is still offering the vulnerable version 0.8.6h.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit