VideoLAN, a project and a non-profit organization.

Security Advisory 1801

Summary           : Heap use after free during SWF file playback
Date              : July 2018
Affected versions : VLC media player 3.0.0 and 3.0.1 
ID                : VideoLAN-SA-1801
CVE reference     : CVE-2018-11516

Details

A remote user can create a specially crafted swf file that, when loaded by the target user, will trigger a heap use after free in Demux() (demux/avformat/demux.c)

Impact

If successful, a malicious third party could trigger either a crash of VLC or an arbitratry code execution with the privileges of the target user.

Threat mitigation

Exploitation of those issues requires the user to explicitly open a specially crafted file or stream.

ASLR and DEP help reduce exposure, but may be bypassed.

Workarounds

The user should refrain from opening files from untrusted third parties or accessing untrusted remote sites (or disable the VLC browser plugins), until the patch is applied.

Solution

VLC media player 3.0.2 addresses the issue.

References

The VideoLAN project
http://www.videolan.org/
VLC official GIT repository
http://git.videolan.org/?p=vlc.git