VLC v2.1.2 vulnerable to RTSP attack

For questions and discussion that is NOT (I repeat NOT) specific to a certain Operating System.
Xircal
New Cone
New Cone
Posts: 7
Joined: 04 Jun 2012 20:19

VLC v2.1.2 vulnerable to RTSP attack

Postby Xircal » 03 Jan 2014 16:10

Downloaded and installed v2.1.2 today, but it fails to update the Firefox plugin which remains at v2.1.0 according to the Firefox Add-ons Manager.

This means that the VLC player remains vuilnerable to the RTSP exploit described in the following link when used in combination with the latest version of Firefox: http://isecpartners.github.io/fuzzing/v ... ility.html

Jean-Baptiste Kempf
Site Administrator
Site Administrator
Posts: 37523
Joined: 22 Jul 2005 15:29
VLC version: 4.0.0-git
Operating System: Linux, Windows, Mac
Location: Cone, France
Contact:

Re: VLC v2.1.2 vulnerable to RTSP attack

Postby Jean-Baptiste Kempf » 03 Jan 2014 17:42

If you installed the firefox plugin with 2.1.2, then it is fixed. Even if the number is 2.1.0 in the firefox plugin.
Jean-Baptiste Kempf
http://www.jbkempf.com/ - http://www.jbkempf.com/blog/category/Videolan
VLC media player developer, VideoLAN President and Sites administrator
If you want an answer to your question, just be specific and precise. Don't use Private Messages.


Return to “General VLC media player Troubleshooting”

Who is online

Users browsing this forum: No registered users and 38 guests