En PC & Nätverksteknikers tankar: VLC Media Player tillåter att virus installeras på din dator

VLC Media Player tillåter att virus installeras på din dator

tisdag 2 december 2008 by Iztari
buffer owerflow , Mediaspelare , VLC

En sårbarhet har rapporterats i VLC Media Player, som potentiellt kan utnyttjas av illasinnade personer att kompromettera en användares dator.

Sårbarheten orsakas på grund av en integer overflow i funktioen "ReadRealIndex()" som finns i filen modules/demux/real.c. Detta kan utnyttjas för att skapa en "heap-based buffer overflow" genom att lura en användare till att öppna en skadlig fil.

Framgångsrik exploatering kan möjliggöra genomförandet av godtycklig kod.

Sårbarhet redovisas i version 0.9.0 genom 0.9.6.

Lösning:
Uppdatera till version 0.9.7

Källa: Secunia

0 kommentarer

Skicka en kommentar

Available Feeds

(RSS) Inlägg
(RSS) Kommentarer

Sökord

Säkerhetsbrist (146)

Microsoft (53)

Apple (35)

Trojan (34)

Windows (34)

Internet Explorer (29)

Update (25)

Windows XP (24)

DoS (23)

Firefox (23)

Virus (23)

MacOS X (21)

buffer owerflow (21)

Mask (18)

Linux (17)

Hackad (16)

phishing (16)

Mac (15)

Symantec (15)

Office (14)

0-day (13)

Bedrägeri (13)

F-Secure (13)

McAfee (13)

SPAM (13)

Secunia (13)

Zero day (13)

Malware (12)

Mozilla (12)

Rootkit (12)

Windows Vista (12)

Opera (10)

SQL-injection (10)

Cross-site scripting (9)

Kaspersky (9)

Sophos (9)

iPhone (9)

Antivirus (8)

Grafikkort (8)

Mediaspelare (8)

Player (8)

Safari (8)

Säkerhet (8)

Trend Micro (8)

Windows 2000 (8)

Windows 2003 Server (8)

server (8)

Adobe (7)

BotNet (7)

Google (7)

Java (7)

Panda (7)

Spyware (7)

DNS (6)

Intel (6)

Nvidia (6)

Sun (6)

Yahoo (6)

ActiveX (5)

BitDefender (5)

Cisco (5)

ClamAV (5)

FBI (5)

Flash (5)

Hårdvara (5)

Internet (5)

Javascript (5)

Malicious Software Removal Tool (5)

Novell (5)

Sony (5)

Unix (5)

Zotob (5)

Apache (4)

DDoS (4)

Hårddisk (4)

Kryptering (4)

Limewire (4)

Mail (4)

Messenger (4)

OfficeScan (4)

PayPal (4)

Processor (4)

Spel (4)

Teknik (4)

VLC (4)

VMware (4)

Windows 2008 Server (4)

Workstation (4)

Worm (4)

bedragare (4)

3G (3)

ACE (3)

AMD (3)

Acrobat Reader (3)

Blogg (3)

Browser (3)

CCleaner (3)

Debian (3)

DirectX (3)

FreeBSD (3)

Geforce (3)

Gpcode (3)

IBM (3)

MSN (3)

OpenOffice (3)

OpenSSL (3)

Protokoll (3)

Quicktime (3)

RealPlayer (3)

SQL (3)

SSH (3)

Samba (3)

SpyBot (3)

SpywareBlaster (3)

Swedbank (3)

Thunderbird (3)

XSS (3)

email (3)

iPod (3)

kernel (3)

usb-minne (3)

AOL (2)

ATI (2)

AVG (2)

Acrobat (2)

Antivir (2)

Asus (2)

Avast (2)

Backdoor (2)

Brandvägg (2)

CSS (2)

Chrome (2)

Cisco IOS (2)

Compaq (2)

Conficker (2)

DNSSEC (2)

FRA (2)

Facebook (2)

Gmail (2)

HP (2)

KB951748 (2)

Kamera (2)

Keylogger (2)

LDAP (2)

MS05-039 (2)

Neosploit (2)

Nforce (2)

Nigeria (2)

Nordea (2)

OS X (2)

OpenSSH (2)

Oracle (2)

Outlook (2)

PHP (2)

Powerpoint (2)

SMS (2)

Skype (2)

Sober (2)

Solaris (2)

Spoofing (2)

SpyAxe (2)

Torrent (2)

Trojan-Downloader (2)

URL (2)

Visa (2)

Windows 7 (2)

Word (2)

X-Force (2)

X11 (2)

XML-PHP (2)

XP-Shield (2)

Zonealarm (2)

iTunes (2)

.htaccess (1)

180SearchAssistant (1)

3Com (1)

ABetterInternet (1)

ADODB (1)

AIM (1)

API (1)

ASP (1)

Active Directory (1)

Active Scan (1)

AdBlock+ (1)

Adware (1)

AirPort (1)

Alwil (1)

AntiVirProtect (1)

Avira (1)

Avlyssning (1)

Axis (1)

BIOS (1)

BSD (1)

BSOD (1)

Bagle (1)

Barncancer (1)

Bearshare (1)

Bluetooth (1)

CAB (1)

CIA (1)

CNN (1)

CPU (1)

Carpet-bombing (1)

Censur (1)

Certificat (1)

Chat (1)

Clickjacking (1)

Codec (1)

Computer Associates (1)

Crash (1)

Creative (1)

Crossfire (1)

Crossfire X (1)

DFS (1)

Dataföreningen (1)

Dell (1)

Drivrutiner (1)

Edonkey (1)

Equifax (1)

Eset (1)

Exchange (1)

Exposé (1)

Ezula (1)

FTP (1)

Fifa (1)

Firestream (1)

GPU (1)

Grisoft (1)

Grokster (1)

HTML-Injection (1)

HTTP (1)

Hitachi (1)

Hoax (1)

Homer (1)

Hotmail (1)

ICASI (1)

ICMP (1)

ICQ (1)

IIS (1)

ISTbar (1)

IT (1)

Ibas (1)

Interpol (1)

Intrång (1)

Jabber (1)

Juniper Networks (1)

KaZaa (1)

Kill Bit (1)

Kreditkort (1)

Laptop (1)

Libxml2 (1)

Live (1)

MS08-051 (1)

MS08-067 (1)

MSNBC (1)

Moderkort (1)

Motorola (1)

Mp3 (1)

MySQL (1)

MySpace (1)

NDS (1)

Neon (1)

Netsky (1)

Nigeria brev (1)

Nimda (1)

Nod32 (1)

Nokia (1)

Norton (1)

Nugache (1)

OneCare (1)

OpenBSD (1)

OpenGL (1)

OpenVPN (1)

Operativsystem (1)

P2Load (1)

PC (1)

PC-Cillin (1)

PCAnyware (1)

PS2 (1)

Panasonic (1)

Perfect Keylogger lite (1)

Playstation 2 (1)

Plugin (1)

Polisen (1)

PowerISO (1)

Programmering (1)

Python (1)

RTF (1)

Radeon (1)

Razr (1)

RealVNC (1)

Realtek (1)

Rensa (1)

Riksdagen (1)

Rykte (1)

Ryska Nätter (1)

SATA (1)

SLi (1)

SMTP (1)

SR09-057 (1)

SSL (1)

Seamonkey (1)

Simpson (1)

SiteAdvisor (1)

Sitic (1)

Snort (1)

Southbridge (1)

Spaces (1)

SpySweeper (1)

SpyWatchE (1)

Steven Thomas (1)

Stinger (1)

Stöld (1)

SÄPO (1)

TCP (1)

TheSpyBot (1)

Tomcat (1)

Tor (1)

Trillian (1)

UAC (1)

UDP (1)

UT3 (1)

Upphovsrätt (1)

Vladimir Odojevskij (1)

W32.Kelvir (1)

W32.Spybot (1)

WPA (1)

Webkamera (1)

Webroot (1)

WinSpyKiller (1)

WinXProtector (1)

Window Washer (1)

WordPress (1)

XCP (1)

XnView (1)

YouTube (1)

Zafi (1)

Zlob (1)

backup (1)

ca (1)

cancer (1)

chunkylover53 (1)

cvv (1)

donation (1)

ffdshow (1)

firmware (1)

harvester (1)

iCal (1)

iLife (1)

iMove (1)

iPhoto (1)

iWeb (1)

insamling (1)

lösenord (1)

piratkopiering (1)

script (1)

x86 (1)