Malware Help. Org | Blog

Vulnerabilities: Malicious subtitle file could harm VLC media player

March 19th, 2008 Posted/Linked by Shanmuga ShareThis

Close

• Social Web
• E-mail

• Facebook
• Digg
• StumbleUpon
• del.icio.us
• reddit
• BlinkList
• Newsvine
• Furl
• Tailrank
• Ma.gnolia
• Google Bookmarks
• Yahoo! My Web
• Technorati
• Windows Live
• Blogmarks
• Simpy
• Favoriting

E-mail It

• To Addresses (up to 5):
• Your Name:
• Your Address:

"A flaw in the widely-used open-source VLC media player could allow an attacker to execute harmful code on a PC. The problem stems from a buffer overflow that can occur when the player processes subtitle files used for movies, according to a security advisory.

The vulnerability existed before VLC was upgraded to version 0.8.6e in late February, but the bug appears to have escaped the last round of patches, wrote Luigi Auriemma in a note." - Content courtesy of Malicious subtitle file could trip up media player

If you enjoyed this post, make sure you subscribe to my RSS feed!

This entry was posted on Wednesday, March 19th, 2008 at 11:40 am and is filed under Vulnerabilities. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Possibly related

• Security: Apple releases massive security update
• Microsoft fixes a dozen critical Office flaws in four patches
• Mozilla adds 900 fixes and upgrades Firefox 3 beta
• Is it time to consider PDF a threat?
• Microsoft Issues Biggest Patch Update in a Year

2 responses about “Vulnerabilities: Malicious subtitle file could harm VLC media player”

1. Pregnant Man » Vulnerabilities: Malicious subtitle file could harm VLC media player said:
   June 24th, 2008 at 3:22 pm

   […] wrdblog wrote an interesting post today onHere’s a quick excerpt […]

2. adware » Blog Archive » Vulnerabilities: Malicious subtitle file could harm VLC media player said:
   June 30th, 2008 at 6:39 pm

   […] Shanmuga wrote an interesting post today onHere’s a quick excerpt"A flaw in the widely-used open-source VLC media player could allow an attacker to execute harmful code on a PC. The problem stems from a buffer overflow that can occur when the player processes subtitle files used for movies, according to a security advisory. (more…) ShareThis […]

Tags

activex Antivirus apple badware botnet Botnets computer associates computer security encryption excel facebook fbi firefox fraudsters gmail google hack hackers Hacking ID Theft ip address malicious code Malware mcafee microsoft mozilla myspace pc security Phishing Privacy rbn realplayer russian business network Security Spam spyware storm worm symantec trend micro trojan vishing Vulnerabilities websense windows vista worm

More News, Articles from elsewhere

• Free Honeypot Client Could Sting Malware
• What Firewalls Do & Donot Do
• Opera Continues to Lead the Pack
• Zonebak Trojan Removal
• PCAntiSpyware Removal
• SpyMaxx Removal
• Qvdntlmw Toolbar Removal
• The ultimate identity theft: house stealing
• Fake Google Calender meeting invitations used in new spam attack
• Spam Goes More and More Mobile
• They Told You Not To Reply
• Should Microsoft Throw Away Vista?
• Angry Vista users vent over SP1 driver issues
• Safari 3.1 Crashes On Windows XP, Users Complain
• The New Browser War is Good for Microsoft
• Block spam, phishing attempts in Outlook
• Symantec fingers D Link for bot attacks
• WhiteHat: 90% of Sites Still Vulnerable
• Red Hat releases free security code
• ValueClick to pay $2.9 million to settle spam complaint
• Securitypills.com Removal
• Want Vista SP1? Here is what to expect
• 99 Windows Vista Performance Tips and Tweaks
• Set Internet Explorer and Firefox to maximize your security
• Has Vista lost all credibility?
• How to Remove SpyGuardPro (SpyGuardPro removal)
• How to Remove AntispywareDeluxe (AntispywareDeluxe removal)
• How to Remove Winfix Master (Winfix Master removal)
• How to Remove AntivirusPCSuite (AntivirusPCSuite removal)
• How to Remove AntivirusForAll (AntivirusForAll removal)
• Security lapse exposes Facebook photos
• Top Tips to Mobile Data Security
• iPhone DoS vulnerability
• Kaspersky launches Mobile Security 7.0 protection for smartphones
• Mobile subscribers showered with spam
• HOW TO: Synchronize Folders Between Computers Fri, 28 Mar 2008 06:20:06
• HOW TO: Set Up Dynamic DNS Fri, 28 Mar 2008 06:17:33
• HOW TO: Install Safari on Ubuntu with Flash and Shockwave! Fri, 28 Mar 2008 06:15:06
• HOW TO: Read The Wall Street Journal’s Web site for free Fri, 28 Mar 2008 06:11:19
• HOW TO: Secure Your EMail and IM Communications Fri, 28 Mar 2008 06:06:06

• Quick Links

  • Blog
  • Spyware Removal
  • Malware Prevention
  • PC Security
  • Online Privacy
  • Browser Security
  • E - Mail Security

• Sponsored Links

• Security Software

  • Anti-Virus
  • Anti-Spyware
  • Anti-Trojan, Anti-Dialer, Anti-Keylogger
  • Anti-Rootkit
  • Firewall
  • Anti-Spam
  • Browser Security
  • Startup Managers
  • Drive, File and Privacy Cleaners
  • Windows Hardening Tools
  • Malware Removal: Stand-alone and Specific Tools
  • Advanced System Protectors, Analyzers, Malware Analysis and Control Tools
  • Patch and software Auditors
  • Privacy, Anonymity and Proxy
  • Encryption Tools
  • Password Managers
  • File Shredders

• Online Scanners

  • Online Anti-virus Scanners
  • Online Anti-malware Scanners
  • Online Anti-malware Scanners (Single file)
  • Online Firewall and Port Scanners
  • Online Anti-spam and Email Security Scanners
  • Online Browser Security and Privacy Scanners
  • Online Anonymity, Proxy, IP, Whois and DNS Scanners
  • Online Popup Blocker Tests, Wi-Fi, Java and Miscellaneous Security Scanners
  • OT: Online Bandwidth and Connection speed Tests

• Categories

  • Anonymity
  • Antivirus
  • Botnets
  • Hacking
  • ID Theft
  • Malware
  • Pharming
  • Phishing
  • Privacy
  • Security
  • Site News
  • Software
  • Spam
  • vishing
  • Vulnerabilities

• Archives

  • March 2008
  • February 2008
  • January 2008
  • December 2007