Real Geek Forums > Archives > Operating Systems > Windows Vista > Windows Vista Security > VLC Media Player Security Vulnerability

VLC Media Player Security Vulnerability

Posted: 12-25-2008, 04:41 PM
Cal Bear '66
Guest
Posts: n/a
 

Bonn, Germany - A security hole has been discovered in the VLC Media Player, the
German Federal Agency for Security in Information Technology (BSI) in Bonn
reported. Attackers can exploit this vulnerability using rigged Real Media files
(file ending with "rm") to install malicious software onto the user's computer.
The victim has just to open the manipulated multimedia file.

VLC Media Player versions prior to release 0.9.8 are affected, the BSI reports.
The software maker has fixed the problem for Version 0.9.8, but to date has only
made the source code available. All VLC Media Player users are advised to remove
the file libreal_plugin manually from the VLC plug-in installation directory.

http://www.earthtimes.org/articles/s...ia-player.html

Unfortunately, the latest version of VLC Media Player, the 0.9.8 has some severe
faults, so an upgrade seems not to be the answer.

http://forums.techarena.in/windows-software/1083470.htm


I Bleed Blue and Gold
GO BEARS!



Reply With Quote

Responses to "VLC Media Player Security Vulnerability"

Spirit
Guest
Posts: n/a
 
Re: VLC Media Player Security Vulnerability
Posted: 12-26-2008, 05:42 AM
This was fixed in 0.98a available at the website.

http://www.videolan.org/

"Cal Bear '66" <x1x1x1@x1x1x1.org> wrote in message
news:C3056A01-2A88-4C92-BE33-C2102EA7134E@microsoft.com...
>
> Bonn, Germany - A security hole has been discovered in the VLC Media
> Player, the German Federal Agency for Security in Information Technology
> (BSI) in Bonn reported. Attackers can exploit this vulnerability using
> rigged Real Media files (file ending with "rm") to install malicious
> software onto the user's computer. The victim has just to open the
> manipulated multimedia file.
>
> VLC Media Player versions prior to release 0.9.8 are affected, the BSI
> reports. The software maker has fixed the problem for Version 0.9.8, but
> to date has only made the source code available. All VLC Media Player
> users are advised to remove the file libreal_plugin manually from the VLC
> plug-in installation directory.
>
> http://www.earthtimes.org/articles/s...ia-player.html
>
> Unfortunately, the latest version of VLC Media Player, the 0.9.8 has some
> severe faults, so an upgrade seems not to be the answer.
>
> http://forums.techarena.in/windows-software/1083470.htm
>
>
> I Bleed Blue and Gold
> GO BEARS!
>
>
>
Reply With Quote
 
LinkBack Thread Tools Display Modes
Reply

« Previous Thread | Next Thread »

Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Forum Jump


Similar Threads
Thread Thread Starter Forum Replies Last Post
windows media player security question gary Windows Vista Security 0 03-19-2007 04:03 PM
Windows Media Player SECURITY R Batch Windows XP Messenger 3 02-23-2005 01:25 PM
Security setup problem in Windows Media Player 9 and 10 Elaine Arias Windows XP Video 0 09-11-2004 04:49 AM
KB828026 security update Windows Media Player 9 Wallace Windows XP Performance & Maintenance 2 03-04-2004 04:24 PM
media player 9 security ross Windows XP Video 0 09-10-2003 11:29 AM