New critical vulnerability in VLC Media Player
2 posters
Page 1 of 1
New critical vulnerability in VLC Media Player
Full article...the project has reported a new vulnerability which can be exploited using specially crafted MKV (Matroska Video and WebM) films to inject malicious code onto a system and execute that code with the user's privileges...
You can run VLC in a sandbox like this one
- Code:
[VLC]
ConfigLevel=7
Enabled=y
BoxNameTitle=y
BorderColor=#8000FF
AutoDelete=y
NeverDelete=n
NotifyInternetAccessDenied=y
DropAdminRights=y
ForceProcess=vlc.exe
NotifyStartRunAccessDenied=y
Template=BlockPorts
ClosedFilePath=InternetAccessDevices
ProcessGroup=<StartRunAccess>,vlc.exe
ClosedIpcPath=!<StartRunAccess>,*
Ruhe- Valued Member
- Posts : 261
Join date : 2010-04-16
Location : Germany
Re: New critical vulnerability in VLC Media Player
Thanks Ruhe. I guess that's a reminder that a "virus" is not always an executable, it can come in many forms.
Good idea to sandbox off your media player, I didn't think of that, and can't see any reason not to!
I'll set it up now
Good idea to sandbox off your media player, I didn't think of that, and can't see any reason not to!
I'll set it up now
Stephen2- Member
- Posts : 34
Join date : 2010-10-18
Location : Melbourne, Australia
Re: New critical vulnerability in VLC Media Player
I'm running VLC sandboxed for more than a year - because of all its security problems in the past.
Ruhe- Valued Member
- Posts : 261
Join date : 2010-04-16
Location : Germany
Similar topics
» Windows Media Player kinda suck...
» LNK vulnerability POC re-test
» ASLR vulnerability and EMET remedy
» Vulnerability in Graphics Rendering Engine
» Vulnerability in TCP/IP Could Allow Remote Code Execution
» LNK vulnerability POC re-test
» ASLR vulnerability and EMET remedy
» Vulnerability in Graphics Rendering Engine
» Vulnerability in TCP/IP Could Allow Remote Code Execution
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum