![]() ![]() References CORE Security Technologies Advisory CORE-2007-1004 The VideoLAN project History 3 December 2007 Core Security advisory published 30 November 2007 VLC 0.8.6d bugfix release Binaries for MS Windows 17 November 2007 Source code fixes for VLC 0.8. The Exploit Writers team of Core Security Technologies. This vulnerability was discovered by Ricardo Narvaja (Ricnar) from Pre-compiled packages for MS Windows are available at the VLC media player 0.8.6d addresses this issue and introduces further It can play DVDs, CDs, VCDs, network streaming protocols, and various types of video files for free with advanced video playback. Otherwise, websites from untrusted sources should not be opened. VLC Media Player, an uncluttered, open-source and cross-platform program, supports AirPlay, DivX and MPEG streaming. Which are not affected by this issue and provide the same features set. The user may use VLC media player's Mozilla plugin acquire local user privileges on the vulnerable system).Įxploitation of this bug requires the user to visit a maliciousĬrafted website using VLC media player's ActiveX plugin. To overwrite memory zones and execute arbitrary code within the context If successful, a malicious third party could use this vulnerability ![]() Release vulnerability when being used within specifically crafted websites. VLC media player's ActiveX plugin is prone to a recursive plugin The free, open-source software is capable of playing. ![]() Summary : Recursive plugin release vulnerability inĪffected versions : VLC media player 0.8.6 to 0.8.6c VLC Media Player (Windows, MacOS, Linux) VLC has held the media player crown for years, even before graduating from its beta phase in 2009. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |