VideoLAN, a project and a non-profit organization.

Security Advisory 1202

Summary           : Heap overflows in VLC Real RTSP support.
Date              : March 2012
Affected versions : VLC media player all versions up to 2.0.1
ID                : VideoLAN-SA-1202
CVE reference     : CVE-2012-1776

Details

Details will be known later.

Impact

If successful, a malicious third party could crash the VLC media player process. Arbitrary code execution could be possible on some systems.

Threat mitigation

Exploitation of this issue requires the user to explicitly open a specially crafted file.

Workarounds

The user should refrain from opening files from untrusted third parties or accessing untrusted remote sites (or disable the VLC browser plugins), until the patch is applied.

Alternatively, the realrtsp access plugin (libaccess_realrtsp_plugin.*) can be removed manually from the VLC plugin installation directory. This will prevent opening of Real rtsp streams.

Solution

VLC media player 2.0.1 addresses this issue. Patches for older versions will be available through the git repositories

Credits

This vulnerability was reported by Florent Hochwelker, aka TaPiOn.

References

The VideoLAN project
http://www.videolan.org/

History

12 March 2012
Vendor notification.
Private patch for VLC development version, 2.0 and 1.1 trees.
Initial security advisory.
15 March 2012
Official patch merged in VLC development version, 2.0 and 1.1 trees.
Jean-Baptiste Kempf,
on behalf of the VideoLAN project