“If successful, a malicious third party could trigger execution of arbitrary code within the context of the VLC media player,” the technote reads. “It would overwrite the return address and thus redirect the execution flow,” according to the VLC developers, who credit Sebastian Apelt, siberas, for reporting this issue. “When parsing a MP4, ASF or AVI file with an overly deep box structure, a stack overflow might occur,” the document reads. Using methods similar to Apple’s (Support technotes), the VideoLan Project team posts the “Security Advisory 0901” on the site, explaining the particularities of the security hole in question. However, “Because of the security issues, we strongly recommand everybody to update its version of VLC,” the VLC team warns.
GOM MEDIA PLAYER FOR MAC OS X MAC OS X
Mac OS X users can access the link included in this article to grab the latest version of the media player immediately.Īccording to the people behind the VideoLan Project, “This version introduces many fixes, notably for SSA decoding, v4l2, MacOS interface, ogg/theora, x264 modules and security issues.” “It also introduces the port to 64bits for Mac OS platform and 2 new languages (Kazakh and Croatian),” the team of developers says. The VLC team is proud to announce that, after almost two months and 27 million downloads of VLC 1.0.1, the third version of the Goldeneye branch of VLC: 1.0.2 is now available for download.
0 kommentar(er)
