Windows 7 Highly Critical Vulnerabilities Identified in VLC Media Player

JMH

Senior Member
#1
Two security vulnerabilities which can be exploited to execute arbitrary code have been identified in different components of the popular VLC media player application.

Vulnerability research vendor Secunia rates the two VLC security flaws discovered by security researcher Hossein Lotfi as highly critical.

One of the vulnerabilities, identified as CVE-2011-2587, is located in VLC's RealMedia demuxer and can be exploited to cause a heap-based buffer overflow by opening a specially-crafted RealMedia (RM) file.

The second vulnerability (CVE-2011-2588) is similar, but is located in the AVI demuxer and can be exploited when parsing a "strf" chunk in AVI files.
Highly Critical Vulnerabilities Identified in VLC Media Player - Softpedia
 


This website is not affiliated, owned, or endorsed by Microsoft Corporation. It is a member of the Microsoft Partner Program.