[vlc-devel] CVE-2009-1045 VLC 0.9.8a DoS (crash) and possibly arbitrary code execution
Ján iankko Lieskovský
iankko at seznam.cz
Tue Mar 24 18:26:02 CET 2009
Hello guys,
the following potentially security vulnerability has been reported against VLC 0.9.8a player:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1045
Checked it affects VLC 0.9.8a (but didn't try the latest git version).
PoC is available here: http://www.milw0rm.com/exploits/8213
Could you please address this flaw?
If already done so, please ignore this announcement.
Thanks && regards, Jan.
--
Jan Lieskovsky
P.S.: Is there some dedicated e-mail address to report potential security issues in VLC other
from this one?
More information about the vlc-devel
mailing list