Good news ! Hackbusters community is waiting for you !  https://discuss.hackbusters.com
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at: https://discuss.hackbusters.com.

VLC and other media players hit by critical vulnerability

Cone-147672_1280
A critical code execution vulnerability has been identified in LIVE555 Streaming Media RTSP Server library used by VLC and other media players. Lilith Wyatt, the IT security researcher at Cisco Talos Intelligence Group has discovered the vulnerability.

The vulnerability exists in the HTTP packet-parsing functionality of LIVE555 RTSP Server library through which an attacker can send a crafted malicious packet to trigger the vulnerability and cause a stack-based buffer overflow resulting in code execution.

“A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability,” Wyatt explained in her blog post.

The LIVE555 streaming media contains a set of open-source C++ libraries that developed by Live Networks Inc for streaming multimedia. The library works with RTP / RTCP, RTSP or SIP protocols that supportboth clients and server with the ability to process video and audio formats such...(continued)
View All Trending Stories