Windows 7 Highly Critical Vulnerabilities Identified in VLC Media Player

JMH

Senior Member
Two security vulnerabilities which can be exploited to execute arbitrary code have been identified in different components of the popular VLC media player application.

Vulnerability research vendor Secunia rates the two VLC security flaws discovered by security researcher Hossein Lotfi as highly critical.

One of the vulnerabilities, identified as CVE-2011-2587, is located in VLC's RealMedia demuxer and can be exploited to cause a heap-based buffer overflow by opening a specially-crafted RealMedia (RM) file.

The second vulnerability (CVE-2011-2588) is similar, but is located in the AVI demuxer and can be exploited when parsing a "strf" chunk in AVI files.
Link Removed - Invalid URL
 
Back
Top