The developers of the VLC video player have warned of a crashing bug in the latest 2.0.5 version of the application, which might be exploited to execute arbitrary code. The issue is a problem in the ASF demuxer (libasf_plugin.*), which can be tricked into overflowing a buffer with a specially crafted ASF movie. The developers note that users would have to open that specially crafted file to be vulnerable and advise users to not open files from untrusted third parties or untrusted sites.
More to read in this article.
Latest VLC version has dangerous hole
Userlevel 7
Be the first to reply!
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.