Guest Cal Bear '66 Posted December 25, 2008 Posted December 25, 2008 Bonn, Germany - A security hole has been discovered in the VLC Media Player, the German Federal Agency for Security in Information Technology (BSI) in Bonn reported. Attackers can exploit this vulnerability using rigged Real Media files (file ending with "rm") to install malicious software onto the user's computer. The victim has just to open the manipulated multimedia file. VLC Media Player versions prior to release 0.9.8 are affected, the BSI reports. The software maker has fixed the problem for Version 0.9.8, but to date has only made the source code available. All VLC Media Player users are advised to remove the file libreal_plugin manually from the VLC plug-in installation directory. http://www.earthtimes.org/articles/show/24...dia-player.html Unfortunately, the latest version of VLC Media Player, the 0.9.8 has some severe faults, so an upgrade seems not to be the answer. http://forums.techarena.in/windows-software/1083470.htm I Bleed Blue and Gold GO BEARS! Quote
Guest Spirit Posted December 26, 2008 Posted December 26, 2008 This was fixed in 0.98a available at the website. http://www.videolan.org/ "Cal Bear '66" <x1x1x1@x1x1x1.org> wrote in message news:C3056A01-2A88-4C92-BE33-C2102EA7134E@microsoft.com...<span style="color:blue"> > > Bonn, Germany - A security hole has been discovered in the VLC Media > Player, the German Federal Agency for Security in Information Technology > (BSI) in Bonn reported. Attackers can exploit this vulnerability using > rigged Real Media files (file ending with "rm") to install malicious > software onto the user's computer. The victim has just to open the > manipulated multimedia file. > > VLC Media Player versions prior to release 0.9.8 are affected, the BSI > reports. The software maker has fixed the problem for Version 0.9.8, but > to date has only made the source code available. All VLC Media Player > users are advised to remove the file libreal_plugin manually from the VLC > plug-in installation directory. > > http://www.earthtimes.org/articles/show/24...dia-player.html > > Unfortunately, the latest version of VLC Media Player, the 0.9.8 has some > severe faults, so an upgrade seems not to be the answer. > > http://forums.techarena.in/windows-software/1083470.htm > > > I Bleed Blue and Gold > GO BEARS! > > > </span> Quote
Guest Daniela Posted February 5, 2009 Posted February 5, 2009 "Cal Bear '66" wrote: <span style="color:blue"> > > Bonn, Germany - A security hole has been discovered in the VLC Media Player, the > German Federal Agency for Security in Information Technology (BSI) in Bonn > reported. Attackers can exploit this vulnerability using rigged Real Media files > (file ending with "rm") to install malicious software onto the user's computer. > The victim has just to open the manipulated multimedia file. > > VLC Media Player versions prior to release 0.9.8 are affected, the BSI reports. > The software maker has fixed the problem for Version 0.9.8, but to date has only > made the source code available. All VLC Media Player users are advised to remove > the file libreal_plugin manually from the VLC plug-in installation directory. > > http://www.earthtimes.org/articles/show/24...dia-player.html > > Unfortunately, the latest version of VLC Media Player, the 0.9.8 has some severe > faults, so an upgrade seems not to be the answer. > > http://forums.techarena.in/windows-software/1083470.htm > > > I Bleed Blue and Gold > GO BEARS! > > > > </span> Quote
Guest occam Posted February 6, 2009 Posted February 6, 2009 Daniela wrote:<span style="color:blue"> > > "Cal Bear '66" wrote: > <span style="color:green"> >> Bonn, Germany - A security hole has been discovered in the VLC Media Player, the >> German Federal Agency for Security in Information Technology (BSI) in Bonn >> reported. Attackers can exploit this vulnerability using rigged Real Media files >> (file ending with "rm") to install malicious software onto the user's computer. >> The victim has just to open the manipulated multimedia file. >> >> VLC Media Player versions prior to release 0.9.8 are affected, the BSI reports. >> The software maker has fixed the problem for Version 0.9.8, but to date has only >> made the source code available. All VLC Media Player users are advised to remove >> the file libreal_plugin manually from the VLC plug-in installation directory. >> >> http://www.earthtimes.org/articles/show/24...dia-player.html >> >> Unfortunately, the latest version of VLC Media Player, the 0.9.8 has some severe >> faults, so an upgrade seems not to be the answer. >></span></span> Daniela This is old news. There has been a 'patch' release of VLC version 0.9.8.a soon after. You can get it here: http://www.filehippo.com/download_vlc/ Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.