eWeek Security Watch
January 2, 2007 5:06 PM

VLC Media Player Bug Bites at Apple



UPDATE: The second flaw warning in the Month of Apple Bugs project is for a remote code execution issue affecting the cross-platform VLC media player distributed by VideoLAN.

A working exploit for the vulnerability, which follows yesterday's QuickTime security hole, has been released alongside a warning that it targets a format string vulnerability in VLC's handling of udp:// URLs.

"By supplying a specially crafted string, a remote attacker could cause an arbitrary code execution condition, under the privileges of the user running VLC," said an advisory from LMH and Kevin Finisterre, the two hackers behind the project.

The flaw and exploit were successfully tested on VLC version 0.8.6 for Mac OS X. David Maynor of Errata Security has confirmed that it also affects Windows users.

Since the issue is previously undocumented and unpatched, the only potential workaround would be to disable the udp:// URL handler or uninstall the VLC media player.

Or, as the hackers taunt, "Simply live with the feeling of being a potential target for pwnage."

Apple provides a download link for the VLC media player.

UPDATE: VideoLAN is already working on a patch. Former Apple engineer Landon Fuller has an unofficial patch available as part of his plan to ship runtime fixes for every flaw released in the MoAB.


Comments (1)

So this is a bug in a cross-platform application that affects at least both OS X and Windows, so how does this just bite Apple? The headline is misleading, as I suspect you know. This is no different than a bug in Firefox, or the previous one in QuickTime, or Skype, Word, Excel, the list goes on. Also, does the version of OS X matter? Does the version of Windows?
