VLC Media Player 3.0.11 fixes severe remote code execution flaw

You might think that this is only of interest to people that have downloaded the VLC client. Unfortunately, VLC is embedded in a number of applications to play video and audio files so the vulnerability may still be out there long after the ‘full-fat’ player has been updated. It’s worth checking for the presence of ‘hxxx’ files. Here’s the diff of the offending file for those that are interested: hxxx_nal.c …:

VideoLan has released VLC Media Player 3.0.11, and it is now available for Windows, Mac, and Linux. In addition to bug fixes and improvements, this release also fixes a security vulnerability that could allow attackers to remotely execute commands or crash VLC on a vulnerable computer.

This vulnerability is tracked as CVE-2020-13428 and is a “buffer overflow in VLC’s H26X packetizer” that would allow attackers to execute commands under the same security level as the user if properly exploited.

According to VideoLan’s security bulletin, this vulnerability can be exploited by creating a specially crafted file and tricking a user into opening it with VLC.

[…]

Original article here