Security Advisory 1003
Summary : Heap buffer overflow vulnerability in A/52, DTS and MPEG Audio decoders
Invalid memory access in AVI, ASF, Matroska (MKV) demuxers
Invalid memory access in XSPF playlist parser
Invalid memory access in ZIP archive decompressor
Heap buffer overflow in RTMP access
Date : 19 April 2010
Affected versions : VLC media player 1.0.5 down to 0.5.0
ID : VideoLAN-SA-1003
CVE references : N/A (at the time of writing)
Details
VLC media player suffers from various vulnerabilities when attempting to parse malformed or overly long byte streams.
Impact
If successful, a malicious third party could crash the player instance or perhaps execute arbitrary code within the context of VLC media player.
Threat mitigation
Exploitation of these bugs requires the user to explicitly open specially crafted malicious files.
Workarounds
The user may refrain from opening files from untrusted sources.
Solution
VLC media player 1.0.6 addresses these issues and introduces further stability fixes.
VLC media player 1.1.0 (currently in pre-release stage) addresses these issues as well and introduces further enhancements and fixes over version 1.0.6.
Credits
These vulnerabilities were discovered by the development team while working on VLC 1.1.0.
References
The VideoLAN Project
http://www.videolan.org/
History
21 April 2010
VLC 1.0.6 bugfix release
Initial advisory
Rémi Denis-Courmont,
on behalf of the VideoLAN project