VideoLan v2.0.5 possible vulnerability - execution of code

Gopher · Postby **Gopher** » 03 Mar 2013 23:33

I have just attempted to play an AVI file with version 2.0.5 by double clicking the AVI file itself. The file did not play, but what ever the code was that executed it deleted the Opera directory and attempted to change FireFox, after which it didn't function properly anymore. The change to the system (WinXP Pro 32 SP3) also caused login issues. Immediately after this the system was restored from a previous backup and the problem fixed. I have a copy of the suspect AVI. I would like to know how to report this to the Devs so they can take a look at it. How do I do that?

Postby **TypX** » 04 Mar 2013 11:33

First did you get your vlc from http://videolan.org/ or from a third party site? If the latter it may be a scam.
Else open a trac ticket on http://trac.videolan.org/vlc and upload the file on http://streams.videolan.org/upload

Gopher · Postby **Gopher** » 04 Mar 2013 12:58

Thankyou for the reply TypX. Yes, my VLC was downloaded direct from the VLC website. I will open a ticket. I wanted to check with the group first as some organizations don't like tickets opened before discussion.

Postby **Jean-Baptiste Kempf** » 10 Mar 2013 01:50

I wanted to check with the group first as some organizations don't like tickets opened before discussion.

This is a weird way...

The VideoLAN Forums

VideoLan v2.0.5 possible vulnerability - execution of code

VideoLan v2.0.5 possible vulnerability - execution of code

Re: VideoLan v2.0.5 possible vulnerability - execution of co

Re: VideoLan v2.0.5 possible vulnerability - execution of co

Re: VideoLan v2.0.5 possible vulnerability - execution of co

Who is online