*** This bug is a security vulnerability *** Public security bug reported:
Binary package hint: vlc When parsing the header of an invalid Real Media file an integer overflow might occur then trigger a heap-based buffer overflows. Impact If successful, a malicious third party could trigger execution of arbitrary code within the context of the VLC media player. VLC media player 0.9.8a addresses this issue. Patches for older versions are available from the official VLC source code repository 0.9-bugfix branch. The details of this bug is available at: http://www.videolan.org/security/sa0811.html The source code of the VLC 0.9.8a is located at: http://www.videolan.org/vlc/download-sources.html ** Affects: vlc (Ubuntu) Importance: Undecided Status: New ** Visibility changed to: Public -- Security problem with VLC media player (upgrade to version 0.9.8a recommended) https://bugs.launchpad.net/bugs/305100 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs