Vigil@nce - VLC: denial of service via PNG
October 2012 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can invite the victim to open a malicious PNG
document, in order to stop VLC.
Impacted products: Unix (platform)
Severity: 1/4
Creation date: 25/10/2012
DESCRIPTION OF THE VULNERABILITY
The VLC program displays multimedia documents.
A malformed PNG image generates a read error at an invalid memory
address in VLC. Technical details are unknown.
An attacker can therefore invite the victim to open a malicious
PNG document, in order to stop VLC.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/VLC-denial-of-service-via-PNG-12092