VLC Media Player Bug Bites at Apple & Windows

Status
Not open for further replies.

s18000rpm

ಠ_ಠ
The second flaw warning in the Month of Apple Bugs project is for a remote code execution issue affecting the cross-platform VLC media player distributed by VideoLAN. A working exploit for the vulnerability, which follows yesterday's QuickTime security hole, has been released, alongside a warning that it targets a format string vulnerability in handling of the udp:// URL handler.

"By supplying a specially crafted string, a remote attacker could cause an arbitrary code execution condition, under the privileges of the user running VLC," said an advisory from LMH and Kevin Finisterre, the two hackers behind the project. The flaw and exploit were successfully tested on VLC version 0.8.6 for Mac OS X. David Maynor of Errata Security has confirmed that it also affects Windows users.

Since the issue is previously undocumented and unpatched, the only potential workaround would be to disable the udp:// URL handler or uninstall the VLC media player.

Or, as the hackers taunt, "Simply live with the feeling of being a potential target for pwnage."

Source: eWeek
 
OP
s18000rpm

s18000rpm

ಠ_ಠ
::-UPDATE-:: VideoLan 0.8.6a
CDDA / VCDX plugins:
* Security updates (VideoLAN-SA-0701)

Mac OS X Interface:
*img405.imageshack.us/img405/3958/3ye3b04gm9.th.png

* Fullscreen controller improvements

Download -
=> VideoLan 0.8.6a (zip)
=> VideoLan 0.8.6a (exe)

Workarounds for the bug

If support for Audio and Video CDs is not used, one can remove the affected plugins manually from the VLC plugin "access" directory. Relevant filenames are as follow:

Microsoft Windows
access/libcdda_plugin.dll and access/libvcdx_plugin.dll

Apple MacOS X
access/libcdda_plugin.dylib and access/libvcdx_plugin.dylib

Other (Linux, BSD...)
access/libcdda_plugin.so and access/libvcdx_plugin.so (typically found in /usr/lib or /usr/local/lib).

Otherwise, browser plugins and network-based service discovery mechanisms (SAP, UPnP, Bonjour...) should be disabled, and untrusted playlist files should not be used.
Source: Video LAN Security Advisory 0701
 
Last edited:
Status
Not open for further replies.
Top Bottom