In association with heise online

17 October 2008, 09:25

VLC update fixes critical hole

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

A security advisory recently published by Core Security Technologies has noted that VLC version 0.9.3 fixed a critical security hole in the multimedia player. Since the update, the VideoLAN project has also released version 0.9.4.

Up to version 0.9.2, specially crafted XSPF playlists can cause a buffer overflow and allow arbitrary code to be injected and executed. Several critical security problems in the code of the open source projects have emerged in the last few month. Users of older versions of VLC are advised to update to the current version as soon as possible.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit