Critical Flaw Found in Famous VLC Media Player
Secunia, the Danish security company, has discovered a flaw in the VideoLAN client or VLC media player that could enable hacker to control anyone's PC.
As per the reports received, the flaw, which Secunia ranks as "highly critical", targets version 0.8.6h on Windows. According to Secunia, the vulnerability is an integer overflow error, which can be used to cause a heap-based overflow, a kind of problem which arises on allocation of memory by the program.
Secunia claimed that the flaw could be exploited by making a specially designed ".WAV" sound file, which would then enable a hacker to execute other code on the system.
The VLC media player is a free and open source program and released under the GNU General Public License by the VideoLAN project.
» SPAMfighter News - 25-07-2008