+- Geeks for your information (https://www.geeks.fyi)
+-- Forum: News (https://www.geeks.fyi/forumdisplay.php?fid=105)
+--- Forum: Privacy & Security News (https://www.geeks.fyi/forumdisplay.php?fid=107)
+--- Thread: Code Execution Vulnerability Patched in Library Used by VLC, Other Media Players (/showthread.php?tid=4194)
Code Execution Vulnerability Patched in Library Used by VLC, Other Media Players - silversurfer - 18 October 18
Quote:Live Networks Inc patched a code execution vulnerability affecting the HTTP packet-parsing functionality of the LIVE555 Streaming Media libraries disclosed by the Cisco Talos Intelligence Group's Lilith Wyatt.
"An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library," says Cisco Talos' advisory. "A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability."
Source: https://news.softpedia.com/news/code-execution-vulnerability-patched-in-library-used-by-vlc-other-media-players-523314.shtml