VLC Media Player "smb://" URI Handler ".xspf" File Buffer Overflow Issue
14 September 2010
VLC is a cross-platform multimedia player and framework. VLC is exposed to a buffer overflow issue because it fails to perform adequate boundary checks on user-supplied input. Specifically, this issue occurs when parsing a specially crafted ".xspf" file with the "smb://" URI handler. VLC media player version 1.1.3 is affected.
Researchers from Palo Alto Networks and WeipTech have unearthed a scheme that resulted in the largest known Apple account theft caused by malware. All in all, some 225,000 valid Apple accounts have been compromised.
Discussions about security intelligence still focus primarily around conventional reactive SIEM. Security pros need to move from this reactive model to proactively using this security intelligence to protect their businesses.
Today almost every company is dealing with big data in one way or another – including customer data, tracking data, and behavioral marketing information – connecting every aspect of our lives. While this is a cutting edge use of technology, data monitoring can become dangerous when placed in the wrong hands.
Robert Hansen, Vice President of WhiteHat Security Labs, discusses the evolution of web application security, offers advice on how to improve web application security practices, recommends tools, and more.