Fortinet Discovers VLC Player VOB File Parsing Heap Corruption Vulnerability
Fortinet's FortiGuard Labs has discovered a heap corruption vulnerability in VideoLan VLC Media Player.
VLC Media Player is a popular media player software that supports many audio and video file formats.
A heap corruption vulnerability has been discovered in VLC Media Player. The vulnerability is caused by incorrectly parsing a crafted VOB file which causes a Write Access violation. It could allow malicious users to create code execution scenarios.
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Released May 17, 2017
Users should apply the solution provided by VideoLAN.
This vulnerability was discovered by Chris Navarrete of Fortinet's FortiGuard Labs.