According to the developers, VLC 1.1.5 addresses a stack smashing vulnerability in Samba access on Windows systems that could lead to the execution of arbitrary code on a victim's system.
VideoLAN Project developers have announced the release of version 1.1.5 of their VLC Media Player, a free open source cross-platform multimedia player for various audio and video formats. The latest maintenance and security update includes various translation updates, several bug fixes and addresses a Windows only security issue.
A victim must first open a specially crafted file or connect to a remote network directory that contains malicious code. All versions of VLC up to 1.1.4 are reportedly affected. Other changes in the release include rewritten Game Music Emu support, the integration of a new list of web shows and fixes for WebM live streams and H.264 playback hardware decoding using Intel GPU on Windows systems. All users are encouraged to upgrade to the latest release.
0 comments:
Post a Comment