Version 1.1.13 of the open source VLC Media Player patches a vulnerability that could be exploited to compromise a victim's system.
"The maintenance and security update addresses a buffer overflow vulnerability in the VLC TiVo demuxer that could be used to crash the application's process," The H Security reports. "The VideoLAN project developers note that, on some systems, it may also be possible to execute arbitrary code on a victim's system."
"For an attack to be successful, a user must first open a specially crafted file or a malicious web site," the article states. "Versions 0.9.0 to 1.1.12 are affected; upgrading to 1.1.13 fixes the issue."
Go to "VLC Media Player 1.1.13 fixes security vulnerability" to read the details.https://o1.qnsr.com/log/p.gif?;n=203;c=204660770;s=9477;x=7936;f=201812281321530;u=j;z=TIMESTAMP;a=20396194;e=i
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.