English
The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1

VLC Media Player Multiple Vulnerabilities


Secunia ID

SA45066

CVE-ID

CVE-2011-2587, CVE-2011-2588

Release Date

13 Jul 2011

Last Change

03 Aug 2011

Criticality

Highly Critical

Solution Status

Vendor Patch

Software

VLC media player 1.x

Where

From remote

Impact
System access

This covers vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user.

Description

Some vulnerabilities have been reported in VLC Media Player, which can be exploited by malicious people to compromise a user's system.

1) Missing input validation when allocating memory using certain values from a RealAudio data block within RealMedia (RM) files can be exploited to cause a heap-based buffer overflow.

2) An integer underflow error when parsing the "strf" chunk within AVI files can be exploited to cause a heap-based buffer overflow.

3) A vulnerability is caused due to the use of vulnerable ffmpeg code.

For more information:
SA44378

Successful exploitation of the vulnerabilities allows execution of arbitrary code.

Vulnerabilities #1 and #2 are confirmed in version 1.1.10. Vulnerability #3 is reported in versions prior to 1.1.10 (Windows) and 1.1.11 (MacOS X). Other versions may also be affected.

Solution

Update to version 1.1.11.
http://www.videolan.org/vlc/#download

Reported by

1, 2) Hossein Lotfi via Secunia
3) Dominic Chell, NGS Secure

Original Advisory

VideoLAN-SA-1105:
http://www.videolan.org/security/sa1105.html

VideoLAN-SA-1106:
http://www.videolan.org/security/sa1106.html

NGS Secure:
http://archives.neohapsis.com/archives/bugtraq/2011-08/0007.html