heise PlusAbo
Anzeige
Alert!

Security update: VLC media player vulnerable to attacks

The developers have closed a security vulnerability in VLC media player. Malicious code can slip through the vulnerability.

listen Print view
Update sign

(Image: Artur Szczybylo/Shutterstock.com)

1 min. read
Security
By

Attackers can target the VLC media player and attack computers via a vulnerability. A bug-fixed version is available for download.

In a brief warning message, the developers explain that attackers can trigger a memory error (heap bases overflow) using a manipulated MMS stream. If this works, the player crashes as part of a DoS attack or malicious code can even get onto systems. According to them, there have been no attacks to date.

Videos by heise

It is not yet clear how such an attack could work in detail. There is also no CVE number and no classification of the threat level in the article.

The developers assure us that they have closed the vulnerability in version 3.0.21. All previous versions are said to be vulnerable.

(des)

Don't miss any news – follow us on Facebook, LinkedIn or Mastodon.

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.

Beliebte Bestenlisten

Alle Angebote
Newsletter heise-Bot heise-Bot Push Nachrichten Push Push-Nachrichten