Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 433
Alerts This Week
Warning Icon 1 433

VLC Media Player Memory Flaws: Critical Risks for Code Execution

General Esm H446
There are two memory corruption vulnerabilities in some versions of the VLC open-source media player that can allow an attacker to run arbitrary code on vulnerable machines.

Neither one of the vulnerabilities has been fixed by VideoLAN, the organization that maintains VLC. Security researcher Veysel Hatas reported the vulnerabilities to VideoLAN in December and published the advisories on Full Disclosure on Friday. One of the bugs is a DEP access violation vulnerability and the other is is a write access flaw.

The link for this article located at ThreatPost is no longer available.