Thursday, April 11, 2013

Buffer Overflow Vulnerabilty in VLC Media Player ASF Demuxer


Affected versions  : VLC media player 2.0.5 and earlier
CVE reference      : CVE-2013-1954
Official Advisory:

http://www.videolan.org/security/sa1302.html

Image Source : http://hackread.com/critical-vulnerability-found-on-vlc-media-player/


Details:
When parsing a specially crafted ASF movie, a buffer overflow might occur.
Impact
If successful, a malicious third party could trigger an invalid memory access, leading to a crash of VLC media player's process. In some cases attackers might exploit this issue to execute arbitrary code within the context of the application.
Threat mitigation
Exploitation of this issue requires the user to explicitly open a specially crafted ASF movie.
Workarounds
The user should refrain from opening files from untrusted third parties or accessing untrusted remote sites (or disable the VLC browser plugins), until the patch is applied.
Alternatively, the ASF demuxer (libasf_plugin.*) can be removed manually from the VLC plugin installation directory. This will prevent ASF movie playback.
Solution
This issue is addressed in VLC media player 2.0.x source code repository by replacing a macro with a static inline and improved bounds checking.
This patch is included in VLC's 2.0.6 release.
Windows and Mac OS X builds can be found on the VideoLAN nightlies website.