VLC Media Player vulnerability to the popular application

A critical security vulnerability in VLC Media Player recently discovered by the German CERT-Bund allows for remote code execution.

The vulnerability exists in VLC Media Player since version 3.0.7.1, and is described in the bulletin CVE-2019-13615. Version 3.0.7.1 is the latest fixed version of the application.

VLC Media Player

“VideoLAN VLC 3.0.7.1 media player may have an overloaded temporary buffer on mkv :: demux_sys_t :: FreeUnused () in modules / demux / mkv / demux.cpp when called by mkv :: Open in modules / demux / mkv / mkv.cpp ”, reports the CVE.

According to the security bulletin, the successful exploitation of the vulnerability allows the unauthorized disclosure of information, the unauthorized modification of files and the termination of the service.

VideoLAN, the company behind the app, has already started developing an update about four weeks ago, according to an error report that is available here.

At this time, there is no information on whether the vulnerability has been used for any attacks. However, now that the vulnerability has been publicly announced, there is a possibility that the number of attacks will increase, especially in high-profile individuals.

The vulnerability exists in several versions of VLC Media Player for almost all desktop platforms of the application (Windows, Linux and UNIX). MacOS does not appear to be affected by the error.

If you use the application on your system, you should avoid it, at least until the improved version containing the security patch is announced. Until then you can use one of the following alternative applications:

PotPlayer, KMPlayer, Media Player Classic, ACG Player, GOM Media Player, Kodi etc.

______________________

iGuRu.gr The Best Technology Site in Greeceggns

Get the best viral stories straight into your inbox!















Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).