VideoLAN Security Advisory 1003 - VideoLAN
VideoLAN, a project and a non-profit organization.

Security Advisory 1003

Summary           : Heap buffer overflow vulnerability in A/52, DTS
                     and MPEG Audio decoders
                    Invalid memory access in AVI, ASF, Matroska (MKV) demuxers
                    Invalid memory access in XSPF playlist parser
                    Invalid memory access in ZIP archive decompressor
                    Heap buffer overflow in RTMP access
Date              : 19 April 2010
Affected versions : VLC media player 1.0.5 down to 0.5.0
ID                : VideoLAN-SA-1003
CVE references    : CVE-2010-1441 through CVE-2010-1445

Details

VLC media player suffers from various vulnerabilities when attempting to parse malformatted or overly long byte streams.

Impact

If successful, a malicious third party could crash the player instance or perhaps execute arbitrary code within the context of VLC media player.

Threat mitigation

Exploitation of those bugs requires the user to explicitly open specifically crafted malicious files.

Workarounds

The user may refrain from opening files from untrusted sources.

Solution

VLC media player 1.0.6 addresses these issues and introduces further stability fixes.

VLC media player 1.1.0 (currently in pre-release stage) addresses these issues as well and introduces further enhancements and fixes over version 1.0.6.

Credits

These vulnerabilities were discovered by the development team while working on VLC 1.1.0.

References

The VideoLAN Project
http://www.videolan.org/

History

28 April 2010
CVE numbers assigned
21 April 2010
VLC 1.0.6 bugfix release
Initial advisory
Rémi Denis-Courmont,
on behalf of the VideoLAN project