From Secunia, http://secunia.com/advisories/29503/
DESCRIPTION: A vulnerability has been reported in VLC Media Player, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an integer overflow error within "MP4_ReadBox_rdrf()" in modules/demux/mp4/libmp4.c and can be exploited to cause a heap-based buffer overflow via e.g. a MP4 file with a specially crafted RDRF atom. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in version 0.8.6e. Other versions may also be affected. SOLUTION: Fixed in the GIT repository. http://trac.videolan.org/vlc/changeset/09572892df7e72c0d4e598c0b5e076cf330d8b0a
signature.asc
Description: OpenPGP digital signature
-- Ubuntu-motu mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-motu
