Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 25 Aug 2010 23:32:33 +0200
From: Geoffroy Couprie <geal@...eolan.org>
To: oss-security <oss-security@...ts.openwall.com>
Subject: CVE request: VLC media player - DLL preloading vulnerability

Hello,

We fixed the DLL preloading vulnerability in VLC media player with this commit:

http://git.videolan.org/?p=vlc/vlc-1.1.git;a=blobdiff;f=bin/winvlc.c;h=ac9b97ca9f5f9ba001f13bf61eb5127a1c1dbcbf;hp=2d09cba320e3b0def7069ce1ebab25d1340161c5;hb=43a31df56c37bd62c691cdbe3c1f11babd164b56;hpb=2d366da738b19f8d761d7084746c6db6f52808c6

VLC was exploitable by loading wintab32.dll, a component request by
Qt, as shown in http://www.exploit-db.com/exploits/14750/
There's another possibility with DMO.

Will there be a CVE ID by vulnerable application (presumably, this
will need a lot of IDs), or only one for Windows?

Best regards,

Geoffroy Couprie

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ