Secunia Advisory: SA30601
Release Date: 2008-07-02
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Unpatched
Software: VLC media player 0.x
CVE reference: CVE-2008-2430 (Secunia mirror)
Description:
Secunia Research has discovered a vulnerability in VLC Media Player, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused by an integer overflow error within the "Open()" function in "modules/demux/wav.c". This can be exploited to cause a heap-based buffer overflow via a specially crafted WAV file having an overly large "fmt" chunk.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is confirmed in version 0.8.6h on Windows. Prior versions may also be affected.
Solution:
The vulnerability is fixed in the upcoming version 0.8.6i.
Do not open untrusted WAV files.
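As an added illustration (not VLC's code and not part of the Secunia advisory), the following C pre-screen walks a WAV file's RIFF chunks and rejects a "fmt" chunk whose declared size is implausible, before any parser sizes an allocation from it. The names `check_wav_fmt` and `make_sample` and the `FMT_MAX` bound are assumptions of this example; the advisory does not give the faulty arithmetic, so the check shows the general pattern of comparing an untrusted size against the bytes available instead of adding to it first.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed policy bound: WAVEFORMATEX is 18 bytes and its 16-bit cbSize
   field limits the extra data to 65535 bytes. */
#define FMT_MIN 16u
#define FMT_MAX (18u + 0xFFFFu)

enum wav_verdict { WAV_OK, WAV_NOT_WAVE, WAV_TRUNCATED, WAV_FMT_BAD_SIZE, WAV_NO_FMT };

static uint32_t le32(const uint8_t *p) {
    return p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Walk the RIFF chunk list; treat the "fmt " size field as untrusted input. */
enum wav_verdict check_wav_fmt(const uint8_t *buf, size_t len) {
    if (len < 12 || memcmp(buf, "RIFF", 4) || memcmp(buf + 8, "WAVE", 4))
        return WAV_NOT_WAVE;
    size_t off = 12;
    while (len - off >= 8) {
        uint32_t size = le32(buf + off + 4);
        size_t avail = len - off - 8;            /* bytes actually present */
        if (memcmp(buf + off, "fmt ", 4) == 0) {
            if (size < FMT_MIN || size > FMT_MAX) return WAV_FMT_BAD_SIZE;
            return size <= avail ? WAV_OK : WAV_TRUNCATED;
        }
        if (size > avail) return WAV_TRUNCATED;  /* compare, never add first */
        off += 8 + (size_t)size + (size & 1);    /* chunks are word-aligned */
        if (off > len) return WAV_TRUNCATED;
    }
    return WAV_NO_FMT;
}

/* Constructed sample: 16-byte PCM "fmt " body with a caller-chosen size field. */
size_t make_sample(uint8_t out[36], uint32_t declared) {
    static const uint8_t body[16] = {1,0, 1,0, 0x44,0xAC,0,0, 0x88,0x58,1,0, 2,0, 16,0};
    memcpy(out, "RIFF\x1c\0\0\0WAVEfmt ", 16);
    for (int i = 0; i < 4; i++) out[16 + i] = (uint8_t)(declared >> (8 * i));
    memcpy(out + 20, body, 16);
    return 36;
}

int main(void) {
    uint8_t f[36];
    printf("size 16         -> %d\n", check_wav_fmt(f, make_sample(f, 16)));
    printf("size 0xFFFFFFF0 -> %d\n", check_wav_fmt(f, make_sample(f, 0xFFFFFFF0u)));
    return 0;
}
```

A verdict other than `WAV_OK` is a reason to quarantine the file instead of handing it to a player.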