VLC Media Player vulnerable to heap overflow exploits
According to the VideoLAN project, the popular VLC Media Player is susceptible to two heap overflow vulnerabilities in the Real Media and AVI file parsers. These holes, rated as "Highly critical" by security specialist Secunia, could be exploited by an attacker to crash the player or possibly execute arbitrary code on a victim's system. For an attack to be successful, a user must first open a specially crafted malicious file.
The vulnerabilities, discovered by Hossein Lotfi, have been confirmed to affect the latest 1.1.10 release of VLC, from early June. According to the VLC developers, an upcoming maintenance and security update, VLC 1.1.11, will address these problems and introduce further stability fixes.
Until an update is available, users are advised to refrain from opening files from untrusted sources. Alternatively, the developers note that users can remove the RealMedia plugin (demux/libavi_plugin.*) to prevent any use of AVI or Real Media files.
Update: Version 1.1.11 of VLC has been released to address the above vulnerabilities. The update also offers several other improvements.
- Heap overflow in RealMedia demuxer, a VideoLAN security advisory.
- Heap overflow in AVI demuxer, a VideoLAN security advisory.