Providing Free and Editor Tested Software Downloads

MajorGeeks.com - Geek before it was Chic.

All In One Tweaks

Antivirus & Malware

Drives (SSD, HDD, USB)

Graphics & Photos

MajorGeeks Windows Tweaks

Office & Productivity

· How To and Tutorials
· Life Hacks and Reviews
· Way Off Base
· MajorGeeks Deals
· News
· Off Base
· Reviews

IObit Black Friday Sale

· YouTube
· Facebook
· Instagram
· Twitter
· Pintrest
· RSS/XML Feeds

· News Blur
· Yahoo
· Symbaloo

· Top Freeware Picks
· Malware Removal
· Geektionary
· Useful Links
· About Us

· Copyright
· Privacy
· Terms of Service
· How to Uninstall

1. GS Auto Clicker

2. Macrium Reflect FREE Edition

3. Smart Defrag

5. Sergei Strelec's WinPE

6. Microsoft Visual C++ 2015-2022 Redistributable Package

7. Visual C++ Redistributable Runtimes AIO Repack

8. McAfee Removal Tool (MCPR)

9. K-Lite Mega Codec Pack

10. Tweaking.com - Windows Repair

All the New Features Landing in Windows 11 This December

Lossless vs Lossy: When FLAC, APE, and ALAC Beat MP3 and When They Don't

Google Search Tricks You'll Actually Use in 2025 and Beyond

Fresh PC Checklist: First 12 Things to Do On a New Windows 11 Machine

Running AI Models Locally: What They Are, Where to Find Them, and How to Get Started

Deciding Between Idle State, Sleep Mode, and Shutdown: What's Best for Your PC?

How to Fix VMware Workstation "The Update Server Could Not Be Resolved" Error Installing VMware Tools

How to Remove Google Gemini from Your Phone (and Your Life)

Windows Bloat Removal Guide: Debloat Safely and Keep What You Need

Windows 11 Repair Playbook: SFC, DISM, CHKDSK Without Breaking Stuff

Latest VLC version has dangerous hole

Contributed by: Email on 01/30/2013 02:15 PM [ Comments ]

The developers of the VLC video player have warned of a crashing bug in the latest 2.0.5 version of the application, which might be exploited to execute arbitrary code. The issue is a problem in the ASF demuxer (libasf_plugin.*), which can be tricked into overflowing a buffer with a specially crafted ASF movie. The developers note that users would have to open that specially crafted file to be vulnerable and advise users to not open files from untrusted third parties or untrusted sites.

Another workaround is to delete the demuxer plugin found in \VLC\plugins\demux\libasf_plugin.dll on Windows to disable the vulnerable function. A patch has been developed which replaces the vulnerable macro with static inline code and better bounds checking, and that has been applied to the forthcoming version 2.0.6 release of VLC. Already patched versions of VLC for Windows and Mac OS X are available from the VLC nightlies site, but may have other bugs as they are ongoing development versions.

Comments

comments powered by Disqus

© 2000-2025 MajorGeeks.com

Powered by Contentteller® Business Edition