Secunia Advisory SA41810
Release Date 2010-10-19
Criticality level:Highly critical
Impact : System access
Where: From remote
Solution Status:Unpatched
Software: VLC media player 1.x
Description
shinnai has discovered a vulnerability in VLC Media Player, which can be exploited by malicious people to potentially compromise a user's system.
The vulnerability is caused due to an error within the "VLC Multimedia Plug-in" for Mozilla, which can be exploited to potentially execute arbitrary code by tricking a user into opening a specially crafted website in a browser using this plugin.
Successful exploitation requires that the "VLC Multimedia Plug-in" for Mozilla is installed (not installed by default).
The vulnerability is confirmed in version 1.1.4. Other versions may also be affected.
Solution
Do not use the plugin.
Bollettino di Sicurezzahttp://secunia.com/advisories/41810/
Di default il plugin per Firefox non viene caricato
Release Date 2010-10-19
Criticality level:Highly critical
Impact : System access
Where: From remote
Solution Status:Unpatched
Software: VLC media player 1.x
Description
shinnai has discovered a vulnerability in VLC Media Player, which can be exploited by malicious people to potentially compromise a user's system.
The vulnerability is caused due to an error within the "VLC Multimedia Plug-in" for Mozilla, which can be exploited to potentially execute arbitrary code by tricking a user into opening a specially crafted website in a browser using this plugin.
Successful exploitation requires that the "VLC Multimedia Plug-in" for Mozilla is installed (not installed by default).
The vulnerability is confirmed in version 1.1.4. Other versions may also be affected.
Solution
Do not use the plugin.
Bollettino di Sicurezzahttp://secunia.com/advisories/41810/
Di default il plugin per Firefox non viene caricato
