Version 1.1.13 of the open source VLC Media Player patches a vulnerability that could be exploited to compromise a victim's system.
"The maintenance and security update addresses a buffer overflow vulnerability in the VLC TiVo demuxer that could be used to crash the application's process," The H Security reports. "The VideoLAN project developers note that, on some systems, it may also be possible to execute arbitrary code on a victim's system."
"For an attack to be successful, a user must first open a specially crafted file or a malicious web site," the article states. "Versions 0.9.0 to 1.1.12 are affected; upgrading to 1.1.13 fixes the issue."
Go to "VLC Media Player 1.1.13 fixes security vulnerability" to read the details.
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.