---

Updated VLC Fixes Security Problems

“Users of VideoLAN’s VLC cross-platform media player are
strongly advised to upgrade to the just-released version 0.8.6c,
which fixes ‘a security vulnerability in the CDDA, Vorbis, Theora
and SAP plugins.’

“In a security advisory about this issue–originally reported by
David Thiel of iSEC Partners–VideoLAN explained that ‘Ogg/Vorbis,
Ogg/Theora, CDDA (CD Digital Audio) and SAP (Service Announce
Protocol) plugins are prone to a C-style format string
vulnerability when trying to parse a media data stream…'”

Complete
Story

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis