Computer Security
[EN] securityvulns.ru
no-pyccku



Related information

  VideoLAN VLC media player multiple security vulnerabilities

  Buffer-overflow and format string in VideoLAN VLC 0.8.6d

From:Luigi Auriemma <aluigi_(at)_autistici.org>
Date:17.03.2008
Subject:VLC highlander bug


The old buffer-overflow in the subtitles handled by VLC has not been
fully patched in version 0.8.6e, in fact buffer_text2 in ParseSSA is
still unchecked:

   if( sscanf( s,
     "Dialogue: %[^,],%d:%d:%d.%d,%d:%d:%d.%d,
%81920[^\r\n]",
     buffer_text2,

The funny thing is that my old proof-of-concept was built just to test
this specific buffer-overflow and in fact it works on the new VLC version
too without modifications 8-)

Instead the SVN version was and is patched from 10 months as I wrote in
my old advisory:

 http://aluigi.org/adv/vlcboffs-adv.txt


---
Luigi Auriemma
http://aluigi.org

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 



Rating@Mail.ru