Technology news and Jobs arrow Information Technology News arrow Latest VLC patches security vulnerability, fixes other bugs
Latest VLC patches security vulnerability, fixes other bugs PDF E-mail
by Stephen Withers   
Monday, 14 July 2008
Users of the open source VLC media player should download version 0.8.6i to avoid a serious vulnerability in previous releases.

According to a security advisory released by the VideoLAN project, a maliciously crafted WAV file could either crash VLC or cause the execution of arbitrary code.

In common with so many vulnerabilities that can be exploited through media files, this is another buffer overflow problem.

Version 0.8.6i plugs this hole by adding "further sanity checks to the RIFF WAVE demuxers", according to the advisory.

The new release also features a number of miscellaneous bug fixes, affecting aspects such as VCD input, SAP services discovery and the http control interface.

VLC is popular for a variety of reasons. Apart from being cross-platform (Windows, Mac OS X, Linux and other operating systems including BeOS and Solaris), it handles a wide variety of content types without requiring add-on codecs, and ignores region codes when playing back DVDs.

Download VLC here.

Please enable JavaScript in your browser to post your comment!


Get stories like this delivered daily - FREE - subscribe now
 
< Next story in category   Previous story in the category >
iTWire user statistics Visitors last 30 days
Suscribers
904,266
13,751
#1 independent technology news advertise here
  •   *  
  • Search
  • AdvSeach
  • Login
  • Events
  • FreeStuff
Subscribe to our free e-newsletter